noxfile.com Open in urlscan Pro
2606:4700:3036::ac43:bead Public Scan

Go To Rescan
Add Verdict Report

URL:
http://noxfile.com/42eaataabhri6kb
Submission: On January 31 via api (January 31st 2024, 11:25:30 pm UTC) from US — Scanned from US

Summary HTTP 63 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 8 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3036::ac43:bead, located in United States and belongs to CLOUDFLARENET, US. The main domain is noxfile.com.

This is the only time noxfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::ac43:bead	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
19	2606:4700:303... 2606:4700:3034::6815:2454	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::5e	15169 (GOOGLE) (GOOGLE)
63	14

1 2606:4700:3036::ac43:bead (United States)

ASN13335 (CLOUDFLARENET, US)

noxfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3034::6815:2454 (United States)

ASN13335 (CLOUDFLARENET, US)

noxfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:821::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:821::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	noxfile.com noxfile.com	172 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	364 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	172 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
63	8

	Domain	Requested by
20	noxfile.com	noxfile.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	noxfile.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	securepubads.g.doubleclick.net	noxfile.com securepubads.g.doubleclick.net
2	fonts.googleapis.com	noxfile.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	noxfile.com
63	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
wa.me
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
noxfile.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://noxfile.com/42eaataabhri6kb
Frame ID: 5EB4B2CA323A12E3F0E939DFB40A2171
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Frame ID: F872B259AAAE061BBF57745828E2C052
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&adk=1812271804&adf=3025194257&lmt=1706743526&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1706743526000&bpp=6&bdt=484&idt=212&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7103008944088&frm=20&pv=2&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: 2413E995612B3AC16DCC258C154D72F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&h=0&adk=1394946374&adf=3976019522&w=0&lmt=1706743526&format=0x0&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&wgl=1&dt=1706743525899&bpp=108&bdt=383&idt=333&shv=r20240129&mjsv=m202401290101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=7103008944088&frm=20&pv=1&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=800&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEr%7C&abl=CS&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=338
Frame ID: 06D2EAD5070E17C9634BD40D84D7137C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&h=280&slotname=7172016301&adk=3485345153&adf=1038138397&pi=t.ma~as.7172016301&w=728&fwrn=4&fwrnh=100&lmt=1706743526&rafmt=1&format=728x280&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706743526007&bpp=2&bdt=491&idt=248&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C0x0&nras=1&correlator=7103008944088&frm=20&pv=1&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253
Frame ID: C5DE7A6FFDF3934D2B4F3182D4029F31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB8E2BFFCD9A647BD7BF02D18B438678
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E63DB94DF9363154C764E59747C78ADA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NOXFile — Download — iNat Box v12.apk

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

90 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

14
IPs

2
Countries

905 kB
Transfer

2706 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://noxfile.com/42EaatAabhRi6Kb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://noxfile.com/42EaatAabhRi6Kb

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://noxfile.com/42EaatAabhRi6Kb

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://noxfile.com/42EaatAabhRi6Kb

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://noxfile.com/42EaatAabhRi6Kb

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 42eaataabhri6kb Show response
noxfile.com/ 21 KB
6 KB 365ms
321ms Document
text/html 2606:4700:3036::ac43:bead
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://noxfile.com/42eaataabhri6kb
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:bead , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5512e36bcef71d82d1f1c31cbb783bca1c650193f6498ee0b1e2c2cb9e0059b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84e5b6b7eaff4bcc-BUF
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 23:25:25 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcDgE6j4YEuXBU%2BdDb7gRjrZTSXh6Qvyz1UUW84E%2FiuSfo5uB54fysoEKzE69J8KQKmv1ovOmhuHW0lTRthGsWtk9eTOF1hMeuK%2BiKR7bKq0epTFSpBf9eSeaBIkvz%2F1qQpX1Doli%2B2Glw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 95ms
39ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 22:54:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
495 B 109ms
53ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700&display=swap

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8b72532f62a67889afcd26f718c2f6fb076407fc38f0d1f880457db7aa96408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:25:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 bootstrap.min.css
noxfile.com/assets/vendor/libs/bootstrap/ 159 KB
25 KB 279ms
214ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/bootstrap/bootstrap.min.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 19:42:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdUycsSoHzmXSJuJ0%2B6ibIDtwdpQ%2BHJsp1mYTH3%2FUKOoFyGg9oeOQ05q2QuY2AIb6wGbqnCaff1P%2BqK1rJ6Eja4T1FUCofzsz5fvkdEwDoUmVEVgAH9T6nBCZQEEjhcvA2mI02%2BKfCUG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc884bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome.min.css
noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/ 98 KB
21 KB 280ms
215ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/fontawesome.min.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Jul 2022 16:22:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGU0Olre4vSnQy%2B3ZkIYP0MfK7QzalLwdZZNMxjy%2FaddvZrd%2BGKEWmW4kUKYr%2BPIc6XwtSVLyZYODY8ph2PZcUyYdYUg8CU6Mi3pXjd%2FYWF9JV5LQk1xIyPuH%2B8M9yBfTv3dMcyhgXHK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc894bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 toastr.min.css
noxfile.com/assets/vendor/libs/toastr/ 6 KB
3 KB 281ms
217ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/toastr/toastr.min.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a34df602208737c03a159949be4f22ed4c843ce4dbd5a0211ae34ec190fd6403

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Dec 2021 20:27:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okMAd3nLR38XWFz9ZNNdjMBQ4TLUcZjNmvnK1x57TB%2F1XsMeiQn5AV%2FIrWnn0pv%2BcefXxCGqSkm3GutQxmuVKMkJJEKIuomRRK52WQJrgRd7fsAPHfB95%2FFUWBhaq061I%2BDFEmL94wgN6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc8b4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 simplebar.min.css
noxfile.com/assets/vendor/libs/simplebar/ 3 KB
1 KB 280ms
216ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/simplebar/simplebar.min.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f1018c32be3d6be2fbe926c035e3e2321fbb09d5a04abdb45ddf3cfc3ae085

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 19:17:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JGZDeq7K%2BNC4tbLXzqzYy4IRYZv8%2BazLSd7%2BQ3G2r1OKbepOWwVDPq6QX6XjU%2BSdx%2FXPYg183KxaMfrmdFA89zYddT%2BZVMzoXLu7ArYmniKWyXGxeWLIc4jSWexRewtb8P2kbs9leGJlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc8c4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 colors.css
noxfile.com/assets/css/extra/ 176 B
398 B 275ms
212ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/css/extra/colors.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b93c5200d6753fa61794c75866628d3dedfbd45a126d7acc7dbce42486dee7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Oct 2023 12:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5Be%2BQUnLZH%2B%2BxLiTMjltKGb%2B5QqjmlTS3ToWAgooIBfdI08V9fcFJRYdyaVxjxygJxpOk7fAiQNG8nKLiJYfKIT3U%2ByMftYGYiyBNSyoZ%2Bsaww6h5FvWp2neWUgUhfusAq8ONJAi%2F8PlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc8d4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 extra.css
noxfile.com/assets/css/extra/ 883 B
627 B 276ms
213ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/css/extra/extra.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d45a35c655775f855c086ee6839bab57c07390900cbdb3037691f1e5a8cd84f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jan 2022 00:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfJe3ML2%2FQTFZQs9LQ1feENBJecFg2UtuDkcPdN0z88NDouM2aRal9zy4LwXvEkuaJ7m%2FiuL%2B%2F74E%2BnkynqJYaROhThQr5GDM2UrVvsnwfqSPRuMArh3E1UR%2BMKBKEzu4OXRSTz8LQmHdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc8e4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 application.1eee54d9f4d8d39d147baa15a2bd9442.css
noxfile.com/assets/css/ 44 KB
8 KB 276ms
213ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/css/application.1eee54d9f4d8d39d147baa15a2bd9442.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4b98cf63f1b73d1fa5ca182c399231f8598843c8e85c6f9c76ec06d0a4fae7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Aug 2023 04:42:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j05qeZYjz6JVDViSDG9SWbXYSEDYV%2BtrISrTU7n2F6ac2WVSbKTVRTyh6fs44SYtZ8wIEzydGoJKBFI%2BujymuyAPv%2B60cnijc38hIwe9SQTjvUjdujixO85bLiTdN3YiwqHxSt4oXh2S9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc904bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.css
noxfile.com/assets/css/extra/ 1 KB
862 B 273ms
211ms Stylesheet
text/css 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/css/extra/custom.css
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898996c96e8958444d5299c1393424ea6cd5a9ff4b6c952f321e96128525cb1e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 29 Dec 2023 05:34:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0di32e15lqGdtTCVRWyXsgk7firMJX%2B6DaHIPS723%2FqPVS7uAWJpBNvr9pk5GJsNzC6OgKOl3AM5RVnjv2rAAfaGvL4%2BqxzRl2V8C61Ibpjl49duQeNg3f2DZvPvUevwQQSX3ZzUznpglg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5b6bafc8f4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 118ms
58ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9652551674112300

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042b784e720752386e11d7466a125a04dedb7f5df9ed0b0eedcc1f5e1573d219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Origin: http://noxfile.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51634
x-xss-protection: 0
server: cafe
etag: 7025244383870565053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 157ms
81ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a60f9a2092be3c1550fb852aae81fb3b81dcc66693567dd3828911131a6e53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29469
x-xss-protection: 0
server: cafe
etag: 243 / 19753 / 31080791 / config-hash: 2548535710906904626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 dark-logo.png
noxfile.com/images/ 4 KB
4 KB 209ms
209ms Image
image/png 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noxfile.com/images/dark-logo.png
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a012aa63115b1e462aa462d543a8e926fcfc269b6755ac7a40ab56f1897fbbe7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Jul 2023 13:18:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOD%2F8OeVwffypc5Yq69o8DbN4twWx4Uh27AmCNuCI6MbDKZXEHkX7cAOMmfCyGjluM967mi13WKAzsbVQhIlr8%2BmL1Vvw6XZzen0%2FK6di5b3f%2BdQXkLrJBvKJ%2BSbckbwOwrkdLaT1bICqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5b6bb2c9f4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3874

GET
H2 200 en.png
noxfile.com/images/flags/ 673 B
1 KB 212ms
212ms Image
image/png 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noxfile.com/images/flags/en.png
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c9b7dcd76cbe43ed0ad40605b09ef24c3e30a05e0b7bf9b3be1502d07fab84

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Jul 2022 23:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDHeaLYDDR335GBmyghglsKuNTuD77CqisFbOwdESbXmTQs2YDSc1%2FRAApEXyUX0s0hcdhGJr00h6gupu68OCNeDJ6gTHLOuOV9wmU7xS9cxYKBozQ%2FEnAnyLXjQc3KK3CJanwsSkm%2BYbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5b6bb2ca14bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 673

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 76ms
51ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

HTTP/1.1

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09bdb68bfa8b2f00c1bdee16568ba1c23c8b9ea88a020bb05185cb81635f31d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 23:25:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1853002498752355808
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10968
X-XSS-Protection: 0
Expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 apk.png
noxfile.com/images/types/ 12 KB
13 KB 217ms
213ms Image
image/png 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noxfile.com/images/types/apk.png
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f5837a8213ea64a50f91b2bdd0fafac9c100f8e8a43a03beba9fe4a0f94324

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Jul 2022 00:26:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ0VAbhJEp2cqF%2F8Az0YJdMLwSyZJKtW2diaZHKuAe2IA9JKpsd5F86C3AVw1%2BagikyQHoscmv6yWqL5thPz2kX2riQNKum5bFqdu31cF6vVPT4v8hwW7JOHEtDinbbSrbMvx%2BgYExD%2Fzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5b6bc7d1a4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 12583

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 111ms
51ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52Z949DQFZ

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43b4c9fc9db5581cc1bf7e4d82927dc97fce0ee3efd7e0b1b76650c4384fc2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET
H2 200 jquery.min.js Show response
noxfile.com/assets/vendor/libs/jquery/ 87 KB
32 KB 131ms
128ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/jquery/jquery.min.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 19:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3jZ7nh6WI40HiBVWbZwgkZAYndq48j2B6oufkGYe2gH3usn1qconpSwfPB3qAtcseaias1HwKUCrQmGt6X3DQj4dDSY5X9QCSHNvk5LNJ3EZPQEYsWUGWbtRMeSJ6zW7zbbSMElJa%2FSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d1c4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
noxfile.com/assets/vendor/libs/bootstrap/ 77 KB
23 KB 129ms
126ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/bootstrap/bootstrap.bundle.min.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 19:42:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV%2B5zLJ5b%2FdMPr3jBHLeeNgtL7cYA0AKZkO3W8aLigfoXd253d9jno8RuNNqiZkmJG%2BxPuqTj6kzz3L3axWxuSQCQN976mis88NOLfwAcEE%2FbMOxpOr4JfhWjsIqnci%2FPNnnfv95N7WWCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d1d4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 toastr.min.js Show response
noxfile.com/assets/vendor/libs/toastr/ 5 KB
2 KB 126ms
123ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/toastr/toastr.min.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe565f3385448e1ec8d57dc2c1639d723561f1aabc2e3d547e284bbf9f9b073

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Oct 2021 20:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F98N5BUVqDFS5Y%2BHI1AUMvlrp9EwQ6oaLfRr1X%2BPODkBU0s2bStVfxeeMjQLojKMf%2F%2BqVKFkukVQt0jYjAW0%2FeRjPQHMSP1gCSejBcIlWVgmx5w%2Fyn7oYjdtdVzFex1KpZ34J6qYRWnRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d1e4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 simplebar.min.js Show response
noxfile.com/assets/vendor/libs/simplebar/ 57 KB
18 KB 126ms
124ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/simplebar/simplebar.min.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c3c7a018149bfa70ac78df0f5d49a74c909da2aed3c7c9ae24a5592e9bbff9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 22 Mar 2021 16:51:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB6j8BS4iZDa3xiyPnoiFQDmSvW%2F2GoyFxJwjEplYa9ZD%2BBBvkSyMZhV35H3LcE1vc2pdlR%2FGMZCwboK4N%2B4yWuG0G1zLNfvXtOqBZ5uKmpUSBHwd%2F158lIzY%2Fvoi0Hp7IfFDj8P8xFGsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d1f4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 clipboard.min.js Show response
noxfile.com/assets/vendor/libs/clipboard/ 9 KB
3 KB 127ms
125ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/vendor/libs/clipboard/clipboard.min.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 261ffa06f381039cf7d18984d1364c59f3c2b9b60b1fa05d5f9c8c152e4d5be5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jun 2021 20:03:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hq0FyVTubBFw6Ov%2BHLFr%2FbGsMj5o6ngb1GeauwJ4QKEyVMaffm0JtcdnDmrT6io2spPxVZ93B7golTZ4RJkUG94d8Kkd%2B%2Bq1SoRiJF67UyCoCfhROV%2FORluF9ZUe2%2FMXSCToQ5LUh2pLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d204bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 application.ef3081e4ac92276216f2472e96b51c6a.js Show response
noxfile.com/assets/js/ 23 KB
8 KB 217ms
215ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/js/application.ef3081e4ac92276216f2472e96b51c6a.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae382d9fb8fa5a70de8903c013eb6450b589fe54a997a4cc70bf55c004cbf53c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 01 Jan 2023 17:04:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHfO4Lp5khS8pyvF6tigCHnrZoya4rtc0Efcn9bcLhNtFEpOvQIlhncz0uHtDQ3PHOILv91A5R731InZmBsG%2F3oY0QNZQPn%2FsV6%2F9KD8axRql9D%2FRMlaRaXRzKeNFXXT62b6X%2BYeTKOhVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d214bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 extra.js Show response
noxfile.com/assets/js/extra/ 2 KB
844 B 131ms
129ms Script
application/javascript 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://noxfile.com/assets/js/extra/extra.js
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e2cfc10e90c257761d93ea813670288980565c75ecb14efe3e2851a6bf76a7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Jul 2022 15:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcGyfOfuxaDiRl6XkGNa4cK55LwRfwp8pvnBn6uZ0HcMnkyEnfeMuyQ14P8xTG%2FZfhTJWzjsRm0GpsNHRDiEckyINnX7VOUmSi8zzA9Q7ZvscVt7Mt%2BI8L7LQcFRl2hL%2FL4Ae3YSCI2hLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5b6bc7d224bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 en.png
noxfile.com/images/flags/ 673 B
964 B 36ms
35ms Image
image/png 2606:4700:3034::6815:2454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noxfile.com/images/flags/en.png
Requested by: Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c9b7dcd76cbe43ed0ad40605b09ef24c3e30a05e0b7bf9b3be1502d07fab84

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Jul 2022 23:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3P16RdQZnu2W85Twxe%2F5xliKTwxdvca7pmNpkn4TgdNGm4kJRgznxG0DyY8cklT%2BTw2nSN%2FgBubdJh9FBdoQMgL75Z2Ok8FjGUNBMH%2F%2BQjXSb83U9jExXcHr8ibb1iNyyW5PAAVFuRHbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5b6bc7d234bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 673

GET fa-solid-900.woff2
noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 81ms
24ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://noxfile.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:03:44 GMT
x-content-type-options: nosniff
age: 494501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:03:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 137ms
81ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9488b3aec978d53c03fa2f733ef9bd30c932031f0c2cab225dc2ec554bd9bab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51625
x-xss-protection: 0
server: cafe
etag: 7484643152330057524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 23:25:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 75ms
75ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9652551674112300

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f508cbfc7a71894f92358fd3ec6421bffb893e9c278595d1eb8851bd7d8a7b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Origin: http://noxfile.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51634
x-xss-protection: 0
server: cafe
etag: 8898692607092974239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 23:25:25 GMT

GET fa-regular-400.woff2
noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/ 0
0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 29ms
28ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://noxfile.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:56:48 GMT
x-content-type-options: nosniff
age: 494917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:56:48 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 128ms
127ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9652551674112300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f9413a58466bb8dcb4e529623c30b7ae7791807e404a48c11e1ead8f0644ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140872
x-xss-protection: 0
server: cafe
etag: 5392013036571081868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 23:25:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/ Frame F872 9 KB
5 KB 86ms
24ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9652551674112300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 21:11:46 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 21:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET fa-solid-900.ttf
noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/ 0
0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 436 KB
136 KB 34ms
24ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080791

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6742
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139565
x-xss-protection: 0
server: cafe
etag: 12534472742743793976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Jan 2025 21:33:04 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
250 B 114ms
37ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-52Z949DQFZ&gtm=45je41v0v9134317772&_p=1706743525904&gcd=11l1l1l1l1&npa=0&dma=0&cid=1091881477.1706743526&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1706743526&sct=1&seg=0&dl=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&dt=NOXFile%20%E2%80%94%20Download%20%E2%80%94%20iNat%20Box%20v12.apk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1051
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52Z949DQFZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 23:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://noxfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET fa-regular-400.ttf
noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/ 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2413 3 KB
875 B 133ms
132ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&adk=1812271804&adf=3025194257&lmt=1706743526&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1706743526000&bpp=6&bdt=484&idt=212&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7103008944088&frm=20&pv=2&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67c003016d7ef14fe790386f9ea09ae17f37e3d6cd98729cff81b712d7344190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 23:25:26 GMT
expires: Wed, 31 Jan 2024 23:25:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=nav-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: noxfile.com
URL: http://noxfile.com/42eaataabhri6kb

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 23:25:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06D2 846 B
579 B 200ms
199ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&h=0&adk=1394946374&adf=3976019522&w=0&lmt=1706743526&format=0x0&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&wgl=1&dt=1706743525899&bpp=108&bdt=383&idt=333&shv=r20240129&mjsv=m202401290101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=7103008944088&frm=20&pv=1&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=800&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEr%7C&abl=CS&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd997859d851a223d18aec000282c5c10ac74d73f5aa39a0963962d4d1e9881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 23:25:26 GMT
expires: Wed, 31 Jan 2024 23:25:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5DE 574 B
489 B 161ms
161ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9652551674112300&output=html&h=280&slotname=7172016301&adk=3485345153&adf=1038138397&pi=t.ma~as.7172016301&w=728&fwrn=4&fwrnh=100&lmt=1706743526&rafmt=1&format=728x280&url=http%3A%2F%2Fnoxfile.com%2F42eaataabhri6kb&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706743526007&bpp=2&bdt=491&idt=248&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C0x0&nras=1&correlator=7103008944088&frm=20&pv=1&ga_vid=1091881477.1706743526&ga_sid=1706743526&ga_hid=1275519801&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079965%2C42532523%2C31080826%2C31080817%2C95322183%2C95320869%2C95320889%2C95323008&oid=2&pvsid=4212896617830452&tmod=1473189113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58de53b43663b438a44cde49a365d49f83bdd6cdf4f5bf71de2ca0555b75bd6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 23:25:26 GMT
expires: Wed, 31 Jan 2024 23:25:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-9652551674112300 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 160ms
92ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9652551674112300?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af0ebe277e3be2e81f6aa226518fcd4b7bbbde2477699f58d25519c673a8ead8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GsLVC2BXSsrE84j_lNecrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-GsLVC2BXSsrE84j_lNecrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxr0LAXEYB_C7J4-4JJm42XApZTSbDAwsFJmUpGSSxU2UyaR-N9iMwmK4wZ8gMkkMFnfesnhJMfgOn_ooczmsqFJKU6VVfE8bWIeOtIWWZFEHDlmLThDVbIpBvWpTE-Tfidxwf57J8zpTADS4By_0BjOZcNyygpWcYGdTsBeKuuAaeCeCI1PBs4XgORRswSUYssEj6KcNHkA7j0O8bHAGHhWDv9DYLVkHv8dlja9jp6_bMz_yH4JIVPM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxV7eYgqgh-JnUzHg1sx2BapglH7DPO6yhfkk76sbQLxEJoKVLqADvJefRKoGnIY0kjrsAPwOl3az0khU0zOulobmhHeMbmBGRPMGNdxgaI9epb5An9GO55S9IqGbQvekSdizQTQPQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7eYgqgh-JnUzHg1sx2BapglH7DPO6yhfkk76sbQLxEJoKVLqADvJefRKoGnIY0kjrsAPwOl3az0khU0zOulobmhHeMbmBGRPMGNdxgaI9epb5An9GO55S9IqGbQvekSdizQTQPQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzQzNTI2LDYxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL25veGZpbGUuY29tLzQyZWFhdGFhYmhyaTZrYiIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f6fb908f2da3d60cacb71b7c6ddcee71cfb534317718869672f78da0cc18ee8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H0K_LpudYHcyX93YpHOmaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H0K_LpudYHcyX93YpHOmaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6K1vFdFY-II6rm86aB8R866az6q6fzrrlzHTWPUAc83w6awoQL2adwboaiKcEzmCdA8Qt0UA2EDulz2ANAuLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OJ6tfb2WTWBCX8c2JgAo6Faq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUKYgi0PfJxkJfiA6u2y5dezGr6Uk_Z4AHw_xjHedTXE8NHutaTchZRS7gPUQeQHio_eAN1vnJViGiU2cqkbVo8nXg_bDFwBNnqtTggJMyG0t6OImSKYt0RyRG3VbjoLd7w2Kf-zw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 55ms
55ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKYgi0PfJxkJfiA6u2y5dezGr6Uk_Z4AHw_xjHedTXE8NHutaTchZRS7gPUQeQHio_eAN1vnJViGiU2cqkbVo8nXg_bDFwBNnqtTggJMyG0t6OImSKYt0RyRG3VbjoLd7w2Kf-zw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzQzNTI2LDY3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9ub3hmaWxlLmNvbS80MmVhYXRhYWJocmk2a2IiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c289a08647f280bf8a2ee7057c34fa00e1be497d4c31cd9fb0893be77514d7ec

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6GMxgIV4t8EVbuSN1wkyqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6GMxgIV4t8EVbuSN1wkyqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxr0LAXEYB_C7J4-4dEkGJJPhUspoNhksLBSZlKRkkoWJ_0D9brAZhcVgMBpFSkkMFnfeUvKyMPgOn_ooMzmk-KSk5pOWsT1tYBU80hYakkFtOKQNOkFEMykK1bJJdZB_J7LD_XUmx_tMHtDg7r3QByaJuOWWFqxkBFvrglXINwVXQB0KDo8Ej-eCp5AzBRegxzr3oZPUuQutLA6xos4peJZ0_kJtt-AmuANL9oPLYTMG14HVOfk91vQHK2tXxw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1042966624f59065e6c0d8a24480f589d991d1073adb4486e5224cce0785dae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 115ms
52ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js?bust=31080817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 23:25:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB8E 13 KB
5 KB 25ms
24ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 98293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 20:07:13 GMT
expires: Wed, 29 Jan 2025 20:07:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E63D 829 B
1 KB 206ms
46ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30416b49b95c6a73c83536dc2fec287f4aa908a6159e8e0ff7505786d07a3fe9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yape8htAZzRJwTzCXPQ6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://noxfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yape8htAZzRJwTzCXPQ6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 23:25:27 GMT
expires: Wed, 31 Jan 2024 23:25:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame CB8E 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 20:08:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E63D 0
0 87ms
86ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240129&jk=4212896617830452&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CB8E 0
10 B 25ms
25ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0lHSJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 CoastMarketplaceAdCategoriesJobs Show response
fundingchoicesmessages.google.com/f/AGSKWxWsj3SLqiL0_lZ6jC9UqmZ-cLvu6hMBWu_JpDYEIN1JcyKGQPu6pKcC3QxSDnGNIhzQSX0lIjgZnH4UgwvGqX3Gk31xALeN2KGg_PFVY0se6KakWSQXoRri9V3CeWRD_Oye42TdYO8qyXOmcCj9GjQsyLBMG... 54 B
110 B 52ms
52ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWsj3SLqiL0_lZ6jC9UqmZ-cLvu6hMBWu_JpDYEIN1JcyKGQPu6pKcC3QxSDnGNIhzQSX0lIjgZnH4UgwvGqX3Gk31xALeN2KGg_PFVY0se6KakWSQXoRri9V3CeWRD_Oye42TdYO8qyXOmcCj9GjQsyLBMGIwB_h_hF9EpD4dzx5Ann2_EPmej_NFG/_/advtBanner._ad_view=/advertical._936x60./CoastMarketplaceAdCategoriesJobs?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e64b440697eab589cd82767f4f364fe5c7533128fbfdfb83ae2ea8fd7296d58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RVXBNCxq5OUkMmQ-OQJF4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-RVXBNCxq5OUkMmQ-OQJF4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxj8LAXEYB_C7J4-4JJkwGy6ljGYZDBYWikxKUjLJwsQ7UL8bbEYdJYNBXoHIhBikuDtk8Wdh8B0-9VFmckgJSHE1IK1iB9rAOnimHTSlC3XgmLmQCRHVoCjUKgY1QP6Z5ITHyyLX2yIfqPDwX-kD02TCds8IVrKC7Q3Bbii0BFfBPRQcHgmeLATPIG8ILkKfNR5AN6VxD9o5HGIljdPwLGv8hfp-yS3wuhyGftPtnu34NJf_fYdVTw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 23:41:20 GMT

POST
H3 204 AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 110ms
57ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-57q-GWiskxFZ92cUAhjv2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-57q-GWiskxFZ92cUAhjv2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWIiH4_na12vZBG7cunudEQDz5iFt"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://noxfile.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 73ms
58ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nFC8eqGPF7P_qD3GNVazzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nFC8eqGPF7P_qD3GNVazzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWIiH4_na12vZBDreX7zOCADwFiEe"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://noxfile.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
225 B 295ms
97ms Ping
image/gif 2a00:1450:400c:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~ls2f123w&ctx=0&met.3=1113.no_3&met.9=1.s2~2.vq
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 23:25:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
59ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jJe6rE6nCV0e0_BXtJwsNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-jJe6rE6nCV0e0_BXtJwsNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWIiH4_na12vZBDrOXbvJCADxKyEJ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://noxfile.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 58ms
57ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hsqEcXro_H6e-LRatNc6Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hsqEcXro_H6e-LRatNc6Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWETuPKsMEAvxcDxf-3otm8CPWWdvMgIA8ccjXQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://noxfile.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWJYbf_wugoUsArQFEhYAFhzInTVeYVzi6lmWbu8xfQa2IbJ7HUiKoCnY14WruGBJT2WwVjE1EnCsA5-OG3e15M43gNyrJWWZx6wpWTH5h2MH36TveCB-uC2jX_lH9FgfD0or1Jsg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWJYbf_wugoUsArQFEhYAFhzInTVeYVzi6lmWbu8xfQa2IbJ7HUiKoCnY14WruGBJT2WwVjE1EnCsA5-OG3e15M43gNyrJWWZx6wpWTH5h2MH36TveCB-uC2jX_lH9FgfD0or1Jsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzQzNTI3LDQyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL25veGZpbGUuY29tLzQyZWFhdGFhYmhyaTZrYiIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa3bac66504e8991f1cfaefbafdb6a07e511b05bd1e4069e290947060eb9119

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SuqoC1cxd2w4jhumiGMzQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SuqoC1cxd2w4jhumiGMzQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxr0LAXEYB_C7J4-4JMmAZDJcShnNJoOFhSKTkpRMsjDxH6jfDTajsBgMRiOOSUJZOG9ZvCwMvsOnPspUDipeKal6JT26ozWsAkfaQF06UQsOqROdIawaFIFKyaAayL8zWeHxupDtfSE3qPDwXOkD43jMdE8JVtKCzTXBdsg1BJfBPhAcGgoezQRPIGsIzkOXNe5BO6FxB5oZHKIFjZPwLGr8hep2wQ1w-XX2gdNmMfq3vtmxnN_38h8sAle1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXc97I1bfSVsG_Q8O_Z-kuy2OqU-fmQ9hSY43BXJIJaGhXB9MDPZwbQlv3akbrtfs1hScKr1_AJgaK8bfHNYJXoC4sxZNtdUgLYarHvla1zlzn3kVSsrxiK8V0Rdlr1KYQngJ66xg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
45ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXc97I1bfSVsG_Q8O_Z-kuy2OqU-fmQ9hSY43BXJIJaGhXB9MDPZwbQlv3akbrtfs1hScKr1_AJgaK8bfHNYJXoC4sxZNtdUgLYarHvla1zlzn3kVSsrxiK8V0Rdlr1KYQngJ66xg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_Y-XjBXWAz7kSn55cZtajw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-_Y-XjBXWAz7kSn55cZtajw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWIiH4_na12vZBBombv7KCADu9CC6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://noxfile.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
47ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWfCHfIkSih7AHlagTfGqfPi32fM7DKiGtM44MStpOIlwPkSl7Cme3Lfks646azuxJO3tM8AUa6eQJN0Fddxu9CnIzz2erYERkzMydl3h1bkqMxMev2fWAvSWaVMBjG82jbAiTvsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pt40MsRBhaxwu-ffLBiRHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://noxfile.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 23:25:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-pt40MsRBhaxwu-ffLBiRHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWIiH4_na12vZBGbsPvmNEQDyLCEZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://noxfile.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
91ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240129&jk=4212896617830452&bg=!kJOlk9zNAAa8BdJLnAU7ADQBe5WfOOKIM_C8OqIwU7vGawIC37AMly61kUy_z8bSp6cMH-LVOCeVk85BiqGKz-1RIPaEAgAAAGBSAAAAA2gBBwoAcbT8-nJFTmQhyDMXMq8TL46PQljHZ7ryzEk01H3Q5WCjvQFtdipl16fratjHYHO1BJxDOLWJ3vfXBzDdJrVAYuJBVH4PESRaTbTMreAXy-DbD47X6ChSLMLN3_3H1ef2Gfo5CGkIaL2DmF5M_e5fMtp9mQKpANzBoAak1fsB9P-Hf98okyn53mmH18xxLXGMd_aEIyLW1IyV_6-hXTSRF1IdZ76KYg55NFfF6S-T1QUaMSeIOdYRu71bghLs7daHTiILh1kvGu1mTzXozszppDhHGoTfD15UUx9VnV8qsIIXHx_gRg8s58eqesvY-_EeVTDoVgRAEqx-ONMKsDfQH6wHzLG2IkCPEZJQu2qtLHyaLt86EIqshdqeO8f7GaRWbNn-5ZVYL4O0GjjHeDySKvEGdf51DGvtE1KTcE4hAeD_IrezrAD1tdkDAw8bL3ZY5sNv8D-lTcraMAN-4gVHBZk6fwphOItGT5XBtNe55oSDbXB6JRz5K51REJWN0zPXGPfrPqrAwPca3sQ7Xx3U_kxi2b2v_W6W3IenSw7xXkU1uCUXOUMTSeC7xkYGmTwzS0389DiqdNBA4YixN94KF-JCLhi-IqBcx3M1d6QqZY3LvbumkfnLJ7STPu2bsaPgqTpKEsfmw_bqok6QHu2G-tdT1ZEx6OPlhchHCg9vTSf1MaTCX6PK1tcXPittXb2utD8fpNDK1jikouYKJlz90Dq0yC_kipPetFQKn3537wgNvusBra8Zsg7exDDlSpZo4k1HJxG2ckXCzVqMftwyvgLF4t-DhatHxVRnEsiUErbp3lbGXTgmrxBzC05DrXQOk1jnXIP07Am76HMrnCcof_ZcLFQfEMMQsGOpBjMxsfcpXEqy7Z_U9Yjc4rD5DVCfiIe68mmeiwmP1pDRrutRbmxL7OhecswEotSkAyUCy-g0YwMjBQgn0uzZYfx339ZQr0cbq5LvwXaoNELXJ6cMch0y3-y7hiLUsQyY64ZA8rKmqqf3gZ-DRDiIMIK43lBWK54b4Eog2JPuV-YizncHpJubQ8zYAvzklF2gVOJE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://noxfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: noxfile.com
URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.woff2

Domain: noxfile.com
URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.woff2

Domain: noxfile.com
URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.ttf

Domain: noxfile.com
URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.ttf

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
noxfile.com/	1970-01-20 18:05:50	Name: XSRF-TOKEN Value: eyJpdiI6IlRrMlI4aVNiV3U4NS9walpxWUhDMHc9PSIsInZhbHVlIjoiZTVIaW94dlVJS01yT1MwVWp0NFBkV1Q4bWpJU0ZzMVhSNkFHcnpGd2FMVGFlbXQ2UU5xWjhvSHZBcTcrYjJYQTBvQWd0VHZBZWl1b3ZGRGpvY0x1eGVGekltTnZLRW8wM1lOVGJqWTBMdTlpWXB4OE5NM1YrR2ZtVHdCMFIwWlkiLCJtYWMiOiJlN2MxYzA3ZjUyM2ZkMzk5MDAxZGYyZTk4MzMwMmZhYWQ3NTM2YjkwZTYzYzkyY2ZlODQ4MDhlOGRhNmRkY2FhIiwidGFnIjoiIn0%3D
noxfile.com/	1970-01-20 18:05:50	Name: apkbob_user_session Value: eyJpdiI6ImRhWHo3NzJGVVdYZzRydkFaS3lPa2c9PSIsInZhbHVlIjoiWE91LzZkeUhVeE0zbEM5Y09VcUNDNzFrZms2TnpmTUJqbG5ZMUZiNEFETlRMcTFsSG5qbEY5em5IcXJqbko2aytibmh4UVVLZ0UxcW95RVg0dGtJVWVKQkxGaWtSZlVwTEZGcUQvZnFpS1U2Smphdk9QSW9UWWM1OWYvRGZ6VTciLCJtYWMiOiI2ZDY4ZmYxNjlhZDAzYjYzNjIzMGJiN2FiY2ZiMjRjMTZlNjljZmI4MDExZjIyODE4M2FhODVkMjA4M2UxNDE4IiwidGFnIjoiIn0%3D
.noxfile.com/	1970-01-21 03:41:43	Name: _ga Value: GA1.1.1091881477.1706743526
.noxfile.com/	1970-01-21 03:41:43	Name: _ga_52Z949DQFZ Value: GS1.1.1706743526.1.0.1706743526.0.0.0
.doubleclick.net/	1970-01-20 18:05:44	Name: test_cookie Value: CheckForPermission
.noxfile.com/	1970-01-20 22:24:55	Name: __eoi Value: ID=45424a6ebd4b33f0:T=1706743526:RT=1706743526:S=AA-Afjb_5ndeOBB6bhkGR53eAnjj
.noxfile.com/	1970-01-21 03:27:19	Name: __gads Value: ID=2dee2b4ed410bd67:T=1706743526:RT=1706743526:S=ALNI_Ma78FlUvQDi8vVNMa0SzY-3MBFYFQ
.noxfile.com/	1970-01-21 03:27:19	Name: __gpi Value: UID=00000dbc7a203524:T=1706743526:RT=1706743526:S=ALNI_MYh8qs-P8N6wDAPQIuR7Iv6BS2htQ
.noxfile.com/	1970-01-21 02:51:19	Name: FCNEC Value: %5B%5B%22AKsRol8YJLog8KP8CkytjIqoRdkPtIWSxujkoDVr_F3yusnDG6krTR7_-Jyj1jHgri25KcGywceO4Uqqlt5EifMSPjj5_D4ZJ8NZTPlcL17oLosLsne8Vpjhul2k0VWyv5x_d0PBYhKvKqVBp5harKiQo-bHrCAUJQ%3D%3D%22%5D%5D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://noxfile.com/42eaataabhri6kb Message: Access to font at 'https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.woff2' from origin 'http://noxfile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://noxfile.com/42eaataabhri6kb Message: Access to font at 'https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.woff2' from origin 'http://noxfile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://noxfile.com/42eaataabhri6kb Message: Access to font at 'https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.ttf' from origin 'http://noxfile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://noxfile.com/42eaataabhri6kb Message: Access to font at 'https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.ttf' from origin 'http://noxfile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://noxfile.com/assets/vendor/libs/fontawesome/v6.1.1/webfonts/fa-regular-400.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
noxfile.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
noxfile.com
2606:4700:3034::6815:2454
2606:4700:3036::ac43:bead
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200a
2a00:1450:400c:c06::5e
00f5837a8213ea64a50f91b2bdd0fafac9c100f8e8a43a03beba9fe4a0f94324
042b784e720752386e11d7466a125a04dedb7f5df9ed0b0eedcc1f5e1573d219
09bdb68bfa8b2f00c1bdee16568ba1c23c8b9ea88a020bb05185cb81635f31d6
0f9413a58466bb8dcb4e529623c30b7ae7791807e404a48c11e1ead8f0644ad3
1042966624f59065e6c0d8a24480f589d991d1073adb4486e5224cce0785dae9
188a706590dc9e898c5c90a1da8346a9bc732cad28884386fbf20b05f4e83594
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
261ffa06f381039cf7d18984d1364c59f3c2b9b60b1fa05d5f9c8c152e4d5be5
2a60f9a2092be3c1550fb852aae81fb3b81dcc66693567dd3828911131a6e53c
2bd997859d851a223d18aec000282c5c10ac74d73f5aa39a0963962d4d1e9881
30416b49b95c6a73c83536dc2fec287f4aa908a6159e8e0ff7505786d07a3fe9
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
39c3c7a018149bfa70ac78df0f5d49a74c909da2aed3c7c9ae24a5592e9bbff9
3aa3bac66504e8991f1cfaefbafdb6a07e511b05bd1e4069e290947060eb9119
43b4c9fc9db5581cc1bf7e4d82927dc97fce0ee3efd7e0b1b76650c4384fc2f6
457d42dfc58373e2b07655f896ed685ba9729c2111684fd6eb02bf3697634939
4a4b98cf63f1b73d1fa5ca182c399231f8598843c8e85c6f9c76ec06d0a4fae7
53c9b7dcd76cbe43ed0ad40605b09ef24c3e30a05e0b7bf9b3be1502d07fab84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f1018c32be3d6be2fbe926c035e3e2321fbb09d5a04abdb45ddf3cfc3ae085
58de53b43663b438a44cde49a365d49f83bdd6cdf4f5bf71de2ca0555b75bd6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67c003016d7ef14fe790386f9ea09ae17f37e3d6cd98729cff81b712d7344190
79b93c5200d6753fa61794c75866628d3dedfbd45a126d7acc7dbce42486dee7
7fe565f3385448e1ec8d57dc2c1639d723561f1aabc2e3d547e284bbf9f9b073
898996c96e8958444d5299c1393424ea6cd5a9ff4b6c952f321e96128525cb1e
8f27c2a51f4f713efda3881de03697fdce7a5022874d94d5256e106e0322d598
9488b3aec978d53c03fa2f733ef9bd30c932031f0c2cab225dc2ec554bd9bab6
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d45a35c655775f855c086ee6839bab57c07390900cbdb3037691f1e5a8cd84f
9e64b440697eab589cd82767f4f364fe5c7533128fbfdfb83ae2ea8fd7296d58
9f6fb908f2da3d60cacb71b7c6ddcee71cfb534317718869672f78da0cc18ee8
a012aa63115b1e462aa462d543a8e926fcfc269b6755ac7a40ab56f1897fbbe7
a34df602208737c03a159949be4f22ed4c843ce4dbd5a0211ae34ec190fd6403
ae382d9fb8fa5a70de8903c013eb6450b589fe54a997a4cc70bf55c004cbf53c
af0ebe277e3be2e81f6aa226518fcd4b7bbbde2477699f58d25519c673a8ead8
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
c289a08647f280bf8a2ee7057c34fa00e1be497d4c31cd9fb0893be77514d7ec
c8b72532f62a67889afcd26f718c2f6fb076407fc38f0d1f880457db7aa96408
d5e2cfc10e90c257761d93ea813670288980565c75ecb14efe3e2851a6bf76a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f508cbfc7a71894f92358fd3ec6421bffb893e9c278595d1eb8851bd7d8a7b4a
f5512e36bcef71d82d1f1c31cbb783bca1c650193f6498ee0b1e2c2cb9e0059b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

noxfile.com Open in urlscan Pro 2606:4700:3036::ac43:bead Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

90 %HTTPS

100 %IPv6

8 Domains

12 Subdomains

14 IPs

2 Countries

905 kBTransfer

2706 kBSize

9 Cookies

5 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

noxfile.com Open in urlscan Pro
2606:4700:3036::ac43:bead Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

90 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

14
IPs

2
Countries

905 kB
Transfer

2706 kB
Size

9
Cookies

63 HTTP transactions
0 data transactions