urlscan.io logo urlscan.io
SecurityTrails logo

g79.site Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://g79.site/
Submission: On September 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 6 domains to perform 19 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is g79.site.
TLS certificate: Issued by WE1 on September 19th 2024. Valid for: 3 months.
This is the only time g79.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.96.3 13335 (CLOUDFLAR...)
2 143.198.242.75 14061 (DIGITALOC...)
7 142.250.185.130 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 104.21.11.159 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.169.11 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
19 9
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
g79.site
2    143.198.242.75 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
customfingerprints.bablosoft.com
7    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
101face.ru
1    104.21.11.159 (None, )

ASN13335 (CLOUDFLARENET, US)
quiet-corner.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    162.19.169.11 (France)

ASN16276 (OVH, FR)
PTR: ns3222241.ip-162-19-169.eu
fingerprints.bablosoft.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
311 KB
3 bablosoft.com
customfingerprints.bablosoft.com — Cisco Umbrella Rank: 161599
fingerprints.bablosoft.com — Cisco Umbrella Rank: 295428
1 MB
3 g79.site
g79.site
5 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
1 quiet-corner.com
quiet-corner.com
93 KB
1 101face.ru
101face.ru
574 KB
19 6
Domain Requested by
7 pagead2.googlesyndication.com g79.site
pagead2.googlesyndication.com
3 g79.site
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 customfingerprints.bablosoft.com g79.site
customfingerprints.bablosoft.com
1 fingerprints.bablosoft.com customfingerprints.bablosoft.com
1 www.youtube.com g79.site
1 quiet-corner.com g79.site
1 101face.ru g79.site
19 8

This site contains links to these domains. Also see Links.

Domain
101face.ru
Subject Issuer Validity Valid
g79.site
WE1		 2024-09-19 -
2024-12-18		 3 months crt.sh
customfingerprints.bablosoft.com
R10		 2024-07-12 -
2024-10-10		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
101face.ru
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
quiet-corner.com
WE1		 2024-08-27 -
2024-11-25		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
fingerprints.bablosoft.com
R10		 2024-07-12 -
2024-10-10		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://g79.site/
Frame ID: A9ED2A697E13382AA3036A574A1E564C
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SHRCOo9A3Pk
Frame ID: 2F673C7B667BA97B1EB830655F7E6447
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240918/r20110914/zrt_lookup_fy2021.html
Frame ID: 9015A9AD6D6103C927283F48422FC44F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4381450471092372&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726846008&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fg79.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726846007679&bpp=7&bdt=1203&idt=639&shv=r20240918&mjsv=m202409160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4949560173113&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95342766%2C31087173%2C95342338&oid=2&pvsid=77724950496758&tmod=645470865&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=735
Frame ID: 6A3A9F87F2AF0C24E5D19360DAC5CD74
Requests: 1 HTTP requests in this frame

Frame: https://fingerprints.bablosoft.com/setcookies
Frame ID: 60E014C227C65A951398D32333ADCB30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA3C12ED08D37A8405EE19305DE8ECCB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

101face.ru 10 Foods to Help You Get Lean · 1. Avocados · 2. Mangoes · 3. Apples · 4. Fish · 5. Herbs and Spices · 6. Tea · 7. Beans · 8. Veggies and Leafy Greens.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

19
Requests

95 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

9
IPs

6
Countries

2444 kB
Transfer

12810 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
g79.site/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe48bd32e46a6150d42d6759f39ece0056559bf5a33420307d152756d5249c4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c62d5f33f589ffc-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 15:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24GxuS6deOKLxzUPAgcNHTOIsYLU4Ev%2BDcnI0iV%2Fz5D9mtzD3Y62piCFjpWSAPZzlpunC1%2F0VX3zpW%2BxTd8CgQnXxc7ZOtVy6kBvu8EAnf5WewiNjsivqbrLYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
speculation
g79.site/cdn-cgi/ 		128 B
535 B 		Other
General
Check archive.org
Download Go to
Full URL
https://g79.site/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer
https://g79.site/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utKG6AhLvoz8%2BScJdw%2F7FZKu%2BBHGIngr%2F7IdmGCeEtXvQp34qNlLK8rjh%2FAMIWU9M%2F60HHbFIdGhya5c5BF4uW792DXgNR0R%2B88ljWi4sXH2ZNnllm6xFB27xA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c62d5f489bd9ffc-AMS
access-control-allow-origin
https://g79.site
content-length
128
date
Fri, 20 Sep 2024 15:26:46 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
clientsafe.js
customfingerprints.bablosoft.com/ 		662 KB
663 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customfingerprints.bablosoft.com/clientsafe.js
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=0
etag
W/"a5710-190e5f98f40"
accept-ranges
bytes
content-length
677648
date
Fri, 20 Sep 2024 15:26:46 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
last-modified
Wed, 24 Jul 2024 18:20:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381450471092372
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
77f54e3f6cd6ff63ae6cbe0bbb12516e5e95f5f005c141fdc93fc48284d5ce93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer
https://g79.site/

Response headers

content-encoding
br
etag
139347836659695473
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 15:26:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Sep 2024 15:26:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52562
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4991270330482248
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7e6a4afa8128933e6da0cce6de4c4a0f008e0dc5fe76d8e1a97c1d5f881fc015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer
https://g79.site/

Response headers

content-encoding
br
etag
9948334670676034740
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 15:26:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Sep 2024 15:26:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52335
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5516924106891393
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
fb0677d1e9d9f305d51421e6af94177b0922e43c3bc6a1128629e9a681cd28d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer
https://g79.site/

Response headers

content-encoding
br
etag
4958569425024805321
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 15:26:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Sep 2024 15:26:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52562
x-xss-protection
0
server
cafe
banner01.jpg
101face.ru/ 		580 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://101face.ru/banner01.jpg
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b00dd67e064113faa3d2d7afd410d900a5ac09961d6aa25f20420bf6715e1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ebf40c-9114c"
age
105964
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqQDjRb3Cmj3aurBlilDhoZVeoPnuDPScDPTaIKEhB4WQra%2BSKIzqw%2FRWbi1nqjrVXU5G1gvdDrdGmkIilpyJLsqWPZLd9oFajE%2Bcs07BgSEtLvBB%2BqJadt8AiL0"}],"group":"cf-nel","max_age":604800}
cf-ray
8c62d5f5ef631c08-AMS
expires
Sat, 19 Oct 2024 10:00:42 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 15:26:46 GMT
content-type
image/jpeg
last-modified
Thu, 19 Sep 2024 09:51:08 GMT
vary
Accept-Encoding
server
cloudflare
8-Nutritional-Rules-of-Lean-Eating-710x732.jpg
quiet-corner.com/wp-content/uploads/2017/06/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quiet-corner.com/wp-content/uploads/2017/06/8-Nutritional-Rules-of-Lean-Eating-710x732.jpg
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.11.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fced3c0b0abe147e60d90f1288de7ca212f644b9d7157970080e550aa81fb139

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
37583
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaMsmLdH6owEPWVPANHiuIHYxw4ucVk1Ar%2FD2kXS3QT3mHSz699i2hQTzoiftueBiPyEx7fX%2F8p%2BISNOIjlYZIi%2BIBWeoVLT4U7Ml6vv8Xq%2BFwYKIxsGQUCWQnocaD7viq5T"}],"group":"cf-nel","max_age":604800}
cf-ray
8c62d5f5b8560a67-AMS
expires
Wed, 16 Oct 2024 12:29:26 GMT
accept-ranges
bytes
content-length
94342
date
Fri, 20 Sep 2024 15:26:46 GMT
content-type
image/jpeg
last-modified
Tue, 02 Jan 2018 10:34:46 GMT
vary
Accept-Encoding
server
cloudflare
SHRCOo9A3Pk
www.youtube.com/embed/ Frame 2F67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/SHRCOo9A3Pk
Requested by
Host: g79.site
URL: https://g79.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://g79.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Sep 2024 15:26:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
perfectcanvas
customfingerprints.bablosoft.com/ 		10 MB
776 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://customfingerprints.bablosoft.com/perfectcanvas?publickey=hnmqgcgu1egp0mq23n71kofsc5ooyt3y3eva3f19einqozc4g01jrop1o5hg04ai
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
fd91f318ea991b31c28e729ea80816bf7942b6705421a399519e3ca68f7a486e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
date
Fri, 20 Sep 2024 15:26:49 GMT
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/ 		411 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4381450471092372&plah=g79.site&bust=31087173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5516924106891393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4df60110cf1ef7b83a85952d80de492356a8560fccd336b3a37e28d6a80d025c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

content-encoding
br
etag
7481463734152974276
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 15:26:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 20 Sep 2024 15:26:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
141233
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240918/r20110914/ Frame 9015 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240918/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4381450471092372&plah=g79.site&bust=31087173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://g79.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
42599
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Sep 2024 03:36:49 GMT
etag
14908419571193397619
expires
Fri, 04 Oct 2024 03:36:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 6A3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4381450471092372&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726846008&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fg79.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726846007679&bpp=7&bdt=1203&idt=639&shv=r20240918&mjsv=m202409160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4949560173113&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95342766%2C31087173%2C95342338&oid=2&pvsid=77724950496758&tmod=645470865&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=735
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4381450471092372&plah=g79.site&bust=31087173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://g79.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Sep 2024 15:26:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
setcookies
fingerprints.bablosoft.com/ Frame 60E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fingerprints.bablosoft.com/setcookies
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.19.169.11 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3222241.ip-162-19-169.eu
Software
/ Express
Resource Hash

Request headers

Referer
https://g79.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
60
Date
Fri, 20 Sep 2024 15:26:50 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240918&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4381450471092372&plah=g79.site&bust=31087173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7246800d380bcf54255510cfe1165121f98bad86c042974f06b7aefe1d452792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12792
date
Fri, 20 Sep 2024 15:26:50 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
g79.site/ 		265 B
697 B 		Other
General
Check archive.org
Download Go to
Full URL
https://g79.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5291ef5cc8f03e3b074952ffcd698a37a25b710632acea4419e8b2d8c10fbbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"640ccb9d-109"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D37c7ctfpDlKOOK%2Fxn7y7d2ZekB%2FAl1JdPwgdNRs4T1P95POpJHVXXvLVqMzMJpFnCecfnivSXb9TJE1VWIr0gNjXdtVqhszjGrGEY%2F0w5vIIoLUKdjpQtz2cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c62d60e8cce9ffc-AMS
date
Fri, 20 Sep 2024 15:26:50 GMT
content-type
image/x-icon
last-modified
Sat, 11 Mar 2023 18:42:37 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4381450471092372&plah=g79.site&bust=31087173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://g79.site/

Response headers

content-encoding
gzip
etag
"1637097310169751"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 15:26:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 15:26:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6386
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://g79.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
36299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Sep 2024 05:21:52 GMT
expires
Sat, 20 Sep 2025 05:21:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://g79.site
Referer

Response headers

Content-Type
application/x-font-opentype

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240918&jk=77724950496758&bg=!FhWlFVrNAAbWYrMm9mI7ADQBe5WfOGey8ctQSq3Mj1uwS-ZB6pZsWGVx3phWgFlqSrolySqE0gpxeu7nRd-j7GCukg0jAgAAAVJSAAAAA2gBB34ANj2ABZswHsXFeMW7kFmFvtIveHhO41M5bYZD_YTK7NW_D9v9sgmBn-fLDbg499_CJj2Ysyui1QoAfpub7hJhDFmMszte_N7WTgL8QtiutLSGYeVY91ruaPFuDS7GA6vB4ZXPMhXhaEPUcHslUKECFXYNUBqeGEznKux0CkRtaZhybeZnkSButa_8yosbYjx11bMPJRPYPBNAf1IxD_Rt20o3NvjwLQQbdxVk1q6Eo0sGsFoPgJMQQJkC0XQec0zlz_-QAz6KQfTmAB9abiO-ZeQXgect2xWjbveEIHLzH3Vb6d1G8gnZQIforsnSAIvHEarK3uiTYZJaDtE6SuoKgMSTQBH2JoMoRYzStJuY5Vdw8TuvWz19JklLMbNnt0tvH1OpAadWfcCEfKd_Ng2AwnEvX8FB-I-wP2nv6xRy-5l5z_HRH1nFCzFKz4PwL--4knKfKyOf3EZnreLPcmm494Lw8EMB-YhBNKD8lr2AE0sbiFo0sZVwwa3HPjfJkRE-XZ0LRSyAX1ZS1HtUnm-FPiMS2wJiO2rCNJTYcJzQ22iPA6M6r2MWft15GrgwNNm0ssWBiKqRuUFfEJ3x3ky3wA7yQu6pN74MadbCMr-ELIV-gBv_vVstlI0Q70O9Y_ftPTACp8POz4Vsb9fuJzHultfbtMmDKT7_k6j-U2zTb0jb6wc1lnzIcJ2p2rnugx9NkaUN9oXVoZYjYg__i9K-7fGpGCoGMfEl2gWobOySHTa7-tX4Pebn7Kb8hUUNss0Q7ZsXPxb8eZ-EiMrfEs60Q_lDWtcSnn1llIIRVOcKhTSv6J3-2xknseoVgmcAU_i4uvkpfUBVXDTpgu0BwCnga_IXORKoS_0yEGim-FuZTqp9grxaVM9F1A3-TzSVNysAoKstdBCX2sAxFfm2xRj1Si5By0kucp22jwbSawjNnFm2SepkW0-_jXVotgbimor8hHKkmZyBDCfow9JqY69fOt1JXQb8dNV2qXp77dlZdT6I3rQO98eYy3VSj8lzh-uIK9iVojFgqlUJR9X6lxQrU7rBhQUViy8dKIG8d3_FyaSlSoy6BFMzwUWO3lH6TabKUIRNpJvvc9epcHliAETkEcE4LRETPm0sMaMccEQjhT3LAhmEX-kiRtdeo8KHtanTrsGg0NFm3VKCF6uPINXpyiU9-MVB0Se9qrXVj2l0cdjQs9-pzkl2CrXzqEk

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| FontManagerData function| FontManagerGlyphs function| FontManagerHashGenerator function| FontManager function| GetSystemFontData function| GetWebGPUData function| getInstalledExtensions function| PerfectCanvasPrecomputed function| PerfectCanvas function| ProcessFingerprint function| ProcessFingerprintNoCache function| ProcessFingerprintInternal function| showNextBanner object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
g79.site/ Name: c5ac5916ff3647d0d20290ea06434c3f
Value: 0
.youtube.com/ Name: YSC
Value: IHZmVo3-F-s
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 9EjQm1A1d2o
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgVQ%3D%3D

7 Console Messages

Source Level URL
Text
other warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to parse video contentType: video/ogg; codecs=theora
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101face.ru
customfingerprints.bablosoft.com
fingerprints.bablosoft.com
g79.site
pagead2.googlesyndication.com
quiet-corner.com
tpc.googlesyndication.com
www.youtube.com
pagead2.googlesyndication.com
104.21.11.159
142.250.185.130
143.198.242.75
162.19.169.11
188.114.96.3
188.114.97.3
2a00:1450:4001:800::2001
2a00:1450:4001:809::200e
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158
4df60110cf1ef7b83a85952d80de492356a8560fccd336b3a37e28d6a80d025c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7246800d380bcf54255510cfe1165121f98bad86c042974f06b7aefe1d452792
77f54e3f6cd6ff63ae6cbe0bbb12516e5e95f5f005c141fdc93fc48284d5ce93
7e6a4afa8128933e6da0cce6de4c4a0f008e0dc5fe76d8e1a97c1d5f881fc015
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e
e6b00dd67e064113faa3d2d7afd410d900a5ac09961d6aa25f20420bf6715e1c
f5291ef5cc8f03e3b074952ffcd698a37a25b710632acea4419e8b2d8c10fbbc
fb0677d1e9d9f305d51421e6af94177b0922e43c3bc6a1128629e9a681cd28d3
fced3c0b0abe147e60d90f1288de7ca212f644b9d7157970080e550aa81fb139
fd91f318ea991b31c28e729ea80816bf7942b6705421a399519e3ca68f7a486e
fe48bd32e46a6150d42d6759f39ece0056559bf5a33420307d152756d5249c4a