urlscan.io logo urlscan.io
SecurityTrails logo

u1503-cuio.quins.us Open in urlscan Pro
172.67.146.19  Public Scan

Go To Rescan Add Verdict Report
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Submission: On December 11 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 14 domains to perform 83 HTTP transactions. The main IP is 172.67.146.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is u1503-cuio.quins.us.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.
This is the only time u1503-cuio.quins.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    172.67.146.19 (United States)

ASN13335 (CLOUDFLARENET, US)
u1503-cuio.quins.us
wp.quins.us
2    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    172.67.221.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cryptednews.space
4    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
fonts.gstatic.com
12    142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
securepubads.g.doubleclick.net
1    2607:f8b0:4004:c1f::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
12    142.251.163.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net
fundingchoicesmessages.google.com
1    2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
4    2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com
1    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
ep1.adtrafficquality.google
10    2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    142.251.163.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
fonts.googleapis.com
6    2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
www.googleadservices.com
2    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
pagead2.googlesyndication.com
2    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    142.250.31.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f105.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
94 KB
12 googlesyndication.com
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
13 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net Failed
345 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
104 KB
9 quins.us
u1503-cuio.quins.us
wp.quins.us
182 KB
4 gstatic.com
fonts.gstatic.com
106 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
10 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 cryptednews.space
cryptednews.space — Cisco Umbrella Rank: 818940
49 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2458
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
83 14
Domain Requested by
15 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
12 securepubads.g.doubleclick.net 1 redirects u1503-cuio.quins.us
securepubads.g.doubleclick.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
6 tpc.googlesyndication.com u1503-cuio.quins.us
securepubads.g.doubleclick.net
6 u1503-cuio.quins.us u1503-cuio.quins.us
4 f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com u1503-cuio.quins.us
securepubads.g.doubleclick.net
3 wp.quins.us u1503-cuio.quins.us
wp.quins.us
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
u1503-cuio.quins.us
1 www.googleadservices.com u1503-cuio.quins.us
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 lh3.googleusercontent.com u1503-cuio.quins.us
1 www.google-analytics.com www.googletagmanager.com
1 cryptednews.space u1503-cuio.quins.us
1 secure.gravatar.com u1503-cuio.quins.us
1 www.googletagmanager.com u1503-cuio.quins.us
0 googleads.g.doubleclick.net Failed u1503-cuio.quins.us
83 20

This site contains links to these domains. Also see Links.

Domain
cryptednews.space
Subject Issuer Validity Valid
quins.us
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
cryptednews.space
WE1		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
misc-sni.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Frame ID: 56502E40C9B2A5B25C1DC01EBAFF3918
Requests: 51 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F6014A2AC6F6A348464A45C3B1EC4F9B
Requests: 1 HTTP requests in this frame

Frame: https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CA841768C13B756FF0E50498F4D4011
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: 392781227AAB2F1123C808B977307F94
Requests: 14 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D629BF05CBBDC6D1860C1C726CB961D5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72B0C008158314EEEBF9FE31D92CDB50
Requests: 1 HTTP requests in this frame

Frame: https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 845BB68A595DF53FEE181876036005A7
Requests: 1 HTTP requests in this frame

Frame: https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D6F838F3082C1975CA2B7436E6BAD2F5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: A0F10F857A924E8B04C280117BE3FB81
Requests: 12 HTTP requests in this frame

Frame: https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F9DDC01CBDA1E3272A24D288764E529
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How Much Does It Cost to Stay at Resorts in Hong Kong with Your Partner? – CryptedNews

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

83
Requests

89 %
HTTPS

50 %
IPv6

14
Domains

20
Subdomains

21
IPs

2
Countries

1034 kB
Transfer

3899 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CdwXWsLZZZ9GrLKSI3rsP192LqQbchKeEfLzU-4HkE56uloaMDhABILq0l5cBYMme9oaAgKAZoAH0irrLPsgBAakC8wCvRdFPST7gAgCoAwHIAwqqBPECT9Ara8AhM0tKhwa0GYKDkp1VLQ-OpWT_-__jXdweZmT6D7VXJM3aMVteBF6K_UmAC2RYtyqQrmQXH3lzfjmIcjCfOUKb4BDXAgkIoZq-BM1P_7rQ6vxfKAgHRjB0pzQKZ15T7Zan0ujS--ZkjSWyQ2icOzG4YMhBZlkFNqj-Tpgh9mPBDanZDcZldDbawSkFp39i0jXnuqVT97JMfjJTBUM9N_Swx25SZ8FihU94FhaZwdQK9tEHRuK7a-OVijfqln0b-skQOBvOtGbFDSGO_qL0iGTxbPKX3NXn1uCHObj5FJvl-g4s4AOkHbk8lwvBwt-ZS7G2SyRJqGFOigzG-IZqwZI5opGeQNnwEQJh5238hlzMmIvQEAzHRbsoW3dsLQ-16E5J8Qcd9R06lnz1m1Tv44ga3YJISgqlAOGxCoXvfzLaxohUTKWfRfdHuPXqriHWvay75WtTFguJEb0gy7e5Z1G3t6I7awiZEwn2KZhDwASdxMn8_ATgBAGIBd7B9-xRkgUECAQYAZIFBAgFGASgBmaAB_TCiqsZqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCh4xTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOljD_4bfiqCKA5oJImh0dHBzOi8vd3d3Lmtsb29rLmNvbT9nYWRfc291cmNlPTWACgPICwHaDBEKCxDw29322oS0wOEBEgIBA-INEwjQrYffiqCKAxUkhHcBHdfuImXqDRMI-aOI34qgigMVJIR3AR3X7iJl2BMKiBQK0BUBmBYBgBcBshcgChwIABIUcHViLTQ2ODQ1OTc1MzU5MTA0ODgYoK55GAG6FwI4AbIYCRICoU8YZiIBANAYAQ&sigh=X_lZOb6fvFE&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwCa7L7dD43bvszRHbg_NYWliokIZAxrVvRUSYTpIvABYUVqyK2vDk_R78yoOr5A-B-spPfSNVaKXTqiiYhnSeUT-EldPtiqx0ZCSzCjdLkYAQ&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7c65535d004ce0fb0000000000000000%22,%222%22:%220xbff6a9741f2adb530000000000000000%22,%223%22:%220x2ac56eb7f2154ed60000000000000000%22,%224%22:%220x4727839749637ba90000000000000000%22,%225%22:%220x8b5ba2827a06777a0000000000000000%22},%22debug_key%22:%2211326519762991909446%22,%22debug_reporting%22:true,%22destination%22:%22https://klook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216801236340%22],%2222%22:[%22true%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225746767865993303041%22}&andc=true
Request Chain 64
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/ 		62 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3c3455c8cc702fdd58340a7858a86c8f235dc1cf4269d3d3a59c355992e5c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f06ad5bc9b12ebd-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 15:58:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://u1503-cuio.quins.us/wp-json/>; rel="https://api.w.org/" <https://u1503-cuio.quins.us/wp-json/wp/v2/posts/1639>; rel="alternate"; title="JSON"; type="application/json" <https://u1503-cuio.quins.us/?p=1639>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rgp%2BzP3UU7Av%2ByB5uXTj%2BwiBn0QSLk3%2BSgaLGQVrIk16JoDM9X4cKig4QdGGtn1IXiCCq%2F3yGsQCPT%2FPXY8pWIU7yUFCmmISLXfA3QeAO8qQsgdtkmsKcaxF8fe8XeteQJGxBkdp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=72612&min_rtt=71512&rtt_var=12135&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4537&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=178362f7814d86ef&ts=693&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
style.min.css
u1503-cuio.quins.us/wp-includes/css/dist/block-library/ 		112 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1c012-6733d239-1c4ed9de;br"
age
3088
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyVZbtiOJYruBD9%2BwzH6cYVK9SLJChzsdZJBM0fgRgUZMisttaCiWYXL1VHOpXNZsRehhwzbU3bPE8o9N%2FxAqlxs5CyQivT3YuTJlpPlww%2BpslphJLZSYUZzAHSvb3IWmAXmQAkE"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 22:19:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=74871&min_rtt=71512&rtt_var=4744&sent=30&recv=22&lost=0&retrans=0&sent_bytes=22612&recv_bytes=6156&delivery_rate=190371&cwnd=16800&unsent_bytes=0&cid=178362f7814d86ef&ts=860&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/css
last-modified
Tue, 12 Nov 2024 22:10:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad6088d32ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d25825c89e9e42bf60463aacb87c38307e0279e6f6517de818bac6021080f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 15:58:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
wp.quins.us/wp-content/themes/ad-mania/ 		275 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/themes/ad-mania/style.css?ver=6.7.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45ba6e591fdca93355b8a145c736f8eece478edfec3fd6d3e7c56de3a601005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"44d72-672fca51-503c51cd;br"
age
5291
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BHKG6w0P1IrxlCOMOar7P2fbIxnxnvf5lqiWJIY9CIrWiVK5P4HeQWzumgXbp1FTR0xZ4pfX5m5ArVQQgt3WyXFsO4cag%2Fzj43vBHemi%2FFG2%2FkmirqC7a5lHDimTw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 12:20:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=74871&min_rtt=71512&rtt_var=4744&sent=45&recv=24&lost=0&retrans=0&sent_bytes=39436&recv_bytes=6793&delivery_rate=190371&cwnd=16800&unsent_bytes=0&cid=178362f7814d86ef&ts=890&x=1", cfExtPri, cfHdrFlush;dur=42
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/css
last-modified
Sat, 09 Nov 2024 20:47:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad60a90e2ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
jquery.min.js
u1503-cuio.quins.us/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"15601-672fca53-580f1eef;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXEqFWP5QbGk6mwTf%2Fg8gQQ7b7HSghPU%2FqQT9ysk0uKqxCaPQuXPyawKvqMMCnhPQs40sYi9qSZIMlAVYvBn3kw09hGLW%2FNSxjMO55ShLNK%2BLjBVmSCz1ZIGPNouuoOWRV9e1%2FJF"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72928&min_rtt=71512&rtt_var=327&sent=135&recv=62&lost=0&retrans=0&sent_bytes=144232&recv_bytes=8458&delivery_rate=628210&cwnd=74700&unsent_bytes=0&cid=178362f7814d86ef&ts=1079&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad6088d82ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
jquery-migrate.min.js
u1503-cuio.quins.us/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"3509-672fca53-580a021b;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnsvTwwEk8IOXAceyulmQN8nOiDGQSt%2BCN7Q8S%2FceZuj9ieyTVRrtlTmvRbKgVw%2Bu62F26%2BFCIl7sL%2BURSr9%2BHgvSQ4ExnvDsgQB%2BpS3AZJV8vU5%2BOBaWRadFZ%2BCvuFkkF2G%2FjUF"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72928&min_rtt=71512&rtt_var=327&sent=164&recv=62&lost=0&retrans=0&sent_bytes=177941&recv_bytes=8458&delivery_rate=628210&cwnd=74700&unsent_bytes=0&cid=178362f7814d86ef&ts=1091&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad6088da2ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2C0YTSFLGP
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d31f124b79592c4ea10779127a902356e5f31a3aeac4eabb2d8b3abee6d219f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 15:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109788
x-xss-protection
0
server
Google Tag Manager
7ed72ff64a688860389bd8b8f51295fa
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/7ed72ff64a688860389bd8b8f51295fa?s=20&d=mm&r=g
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d99a69bb4378e72447801980ad59e8a7a9aac03e840895f71559b25ddb92b749

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

link
<https://gravatar.com/avatar/7ed72ff64a688860389bd8b8f51295fa?s=20&d=mm&r=g>; rel="canonical"
cache-control
max-age=300
x-nc
HIT bur 3
expires
Wed, 11 Dec 2024 16:03:38 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1028
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
image/png
last-modified
Fri, 10 Apr 2020 14:47:13 GMT
server
nginx
content-disposition
inline; filename="7ed72ff64a688860389bd8b8f51295fa.png"
cnews_logo.png
cryptednews.space/wp-content/uploads/2024/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptednews.space/wp-content/uploads/2024/03/cnews_logo.png
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663866fae5f47c90bef35eceda5d1899430ea5dda7a49a51df1dda608104b674

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cf-cache-status
HIT
etag
"c23b-66e7ec20-4c305482;;;"
age
3528
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbiAUYhE9MaI2A%2BuY1vt32aXHAjqXEPdD%2FTyLeLgepTNHp5BUtgc0d8S748%2B282hbKy8c7mCMF9zAXfHKIzWEpkOhSAmL6%2BQ2auAXLIOgGjBWybrGBu36BaCslbTWh0InG2idg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 08:41:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71598&min_rtt=71526&rtt_var=26966&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4139&recv_bytes=4338&delivery_rate=45261&cwnd=12000&unsent_bytes=0&cid=250b16454a29f1de&ts=94&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
image/png
last-modified
Mon, 16 Sep 2024 08:28:16 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad613a7ef7c7-LAX
accept-ranges
bytes
content-length
49723
x-turbo-charged-by
LiteSpeed
server
cloudflare
mincustom.js
wp.quins.us/wp-content/themes/ad-mania/js/ 		457 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/themes/ad-mania/js/mincustom.js
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a329ceb9efbcd662117b894ed5547a9a090aa97255f388c1365028e7dd998d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"724d0-672fca51-5801ea3e;br"
age
4541
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJwdYMgS0VIxanYADpXnCb1sT4Ucq66Eo811lOjxGHxKbLdYE3DlgD1xe0H9kUC70%2FajqdWEUdcuSBbAf5%2BgGkopcczb%2FkyP%2BTNUdAeQhisjeCET8ojYRwPXRs1ZVw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=74871&min_rtt=71512&rtt_var=4744&sent=45&recv=24&lost=0&retrans=0&sent_bytes=39436&recv_bytes=6793&delivery_rate=190371&cwnd=16800&unsent_bytes=0&cid=178362f7814d86ef&ts=887&x=1", cfExtPri, cfHdrFlush;dur=45
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:13 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad60a90a2ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
comment-reply.min.js
u1503-cuio.quins.us/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/wp-includes/js/comment-reply.min.js?ver=6.7.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"bd2-6733d239-300ca956;br"
age
3088
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlP%2BslP4FjxN%2FHgI3TfW%2BMCCLgYsyPKxr9d88PG63T%2BPpGIK9ApTjxrDFZIF3hp%2BDT4CyTx66TORM1QZddYO1RzmdNLXLQQnBsOcENw9mbT%2FB2c%2FCE6r1EWAtI%2BuMDK%2FtDG3hatN"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72994&min_rtt=71512&rtt_var=1419&sent=172&recv=71&lost=0&retrans=0&sent_bytes=184069&recv_bytes=9196&delivery_rate=1006937&cwnd=74700&unsent_bytes=0&cid=178362f7814d86ef&ts=1290&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript
last-modified
Tue, 12 Nov 2024 22:10:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad633ccd2ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
782d6e07-24b7-45f4-9721-7791b00112b5
https://u1503-cuio.quins.us/ Frame 		0
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u1503-cuio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
333460
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:20:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 19:20:58 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
fa-solid-900.woff2
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2
fonts.gstatic.com/s/notoserif/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
ae7c05e58a045d762217b2a3933232700c3e6b83ec230ebd7dbe2805940a5d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u1503-cuio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
524048
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 14:24:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 14:24:30 GMT
last-modified
Tue, 24 Oct 2023 00:59:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14612
x-xss-protection
0
server
sffe
wp-emoji-release.min.js
u1503-cuio.quins.us/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u1503-cuio.quins.us/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"4926-672fca53-300b390b;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EABdqjzbj0mPzBPzlksTc1MktiyUb8SFJ6awZ%2B0QeuPygGP%2B8aV%2Bc%2BRjelADdlTtozL5TjMdElDv61n%2FmdYf1xkQ8u3lnJ0rn085iF%2Fm%2BfF0BkdiBHJQf5ptsAPlYuS6w0uacPkI"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72842&min_rtt=71512&rtt_var=1369&sent=175&recv=73&lost=0&retrans=0&sent_bytes=186320&recv_bytes=9618&delivery_rate=20544&cwnd=74700&unsent_bytes=0&cid=178362f7814d86ef&ts=1532&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad637d1c2ebd-LAX
x-turbo-charged-by
LiteSpeed
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
490708fe9e1aa52f0b629138c769f4a80e1779f00adddce2e49e23c735d7b161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
260 / 20068 / 31089265 / config-hash: 7910516128157792358
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33640
x-xss-protection
0
server
cafe
fa-solid-900.woff
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
fa-solid-900.ttf
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/ 		496 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
2279107579115022503
age
41561
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 04:25:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 04:25:58 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
595
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 15:48:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:48:44 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2C0YTSFLGP&gtm=45je4ca0v9198525174za200&_p=1733932718562&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485&cid=2078764017.1733932719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733932719&sct=1&seg=0&dl=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&dt=How%20Much%20Does%20It%20Cost%20to%20Stay%20at%20Resorts%20in%20Hong%20Kong%20with%20Your%20Partner%3F%20%E2%80%93%20CryptedNews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1988
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2C0YTSFLGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://u1503-cuio.quins.us
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:39 GMT
content-type
text/plain
server
Golfe2
22195652661
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22195652661?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b49d7b64f5297cfd6b04639fb64c06220edf72d733a672cd61d137d303af3b0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DVFfSUXdqEy08lS6htRvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxcWx4-2wXm8CFuapKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGBpZ6BsbxBUYA7u5EmQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DVFfSUXdqEy08lS6htRvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXSf-13ctsQncUNJb2Uq3hqNoaWLDnDGpkGD0e_1w-PFTm0mpNIr2vMz_2KdjF7laBuWNCUYjJEPZXEGInZ8YLRpdFDi7JGEhyuL4c6dzjQK2VOmYKS5Z3kDKf8cH6qwbFvnOu8fw==
fundingchoicesmessages.google.com/f/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXSf-13ctsQncUNJb2Uq3hqNoaWLDnDGpkGD0e_1w-PFTm0mpNIr2vMz_2KdjF7laBuWNCUYjJEPZXEGInZ8YLRpdFDi7JGEhyuL4c6dzjQK2VOmYKS5Z3kDKf8cH6qwbFvnOu8fw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTMyNzIwLDM3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91MTUwMy1jdWlvLnF1aW5zLnVzL2hvdy1tdWNoLWRvZXMtaXQtY29zdC10by1zdGF5LWF0LXJlc29ydHMtaW4taG9uZy1rb25nLXdpdGgteW91ci1wYXJ0bmVyLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d140fc2f82de060eba7c1e49d572035e45aa137ff9e3283f1dd195b86704da67
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xm2DJNkM2ku936ULT03u5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGx4-2wXm8COzcvvMCppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZWOoZGMcXGAEAmj5F-w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xm2DJNkM2ku936ULT03u5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=web_iab_us_states_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 15:58:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jnqHfC8hRmgJEFpH6laGyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdjw9tnu9gEPmzZuoNZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAAArTiuF"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jnqHfC8hRmgJEFpH6laGyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sk2EkCMQyVI5OaqzOBrQzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdjw9tnu9gELuxq2s6s5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQws9AzM4wsMABP3KzU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sk2EkCMQyVI5OaqzOBrQzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
PwEmEyPw410B5ABpCI1mvB1Cg6-jo90JZv7JI_Vhkz1jqWHHt39oKtLsYjkqrtyjAOLKbxEk8IQMgYWbKVmsTLRzU_Mz1nfuaMpNzdyrS7swV7lZ590=h60
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/PwEmEyPw410B5ABpCI1mvB1Cg6-jo90JZv7JI_Vhkz1jqWHHt39oKtLsYjkqrtyjAOLKbxEk8IQMgYWbKVmsTLRzU_Mz1nfuaMpNzdyrS7swV7lZ590=h60
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
51a827dac65b3305db87b2a59c18cfd5653fdb4e77c1eec868c774c6fb07ca88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
3560
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:59:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 14:59:20 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1210
x-xss-protection
0
server
fife
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jvp2ouumyhLr2M9FZ8-EZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdjw9tnu9gEZnzdtZ1ZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAAArJSt_"
content-security-policy
script-src 'report-sample' 'nonce-Jvp2ouumyhLr2M9FZ8-EZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWuCM1aQ-Mw3tY0BN9qstTgKtw4y-V7JvAhcOxnPO3ZA0-PXaA0Q9BTMwL_eoKMvMUALExEOZPhRDwX6_auARH-an2EU8Ck12KVGCZq0MTMWQshXor3RzUWacum4_qPdB9Gll1wWA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWuCM1aQ-Mw3tY0BN9qstTgKtw4y-V7JvAhcOxnPO3ZA0-PXaA0Q9BTMwL_eoKMvMUALExEOZPhRDwX6_auARH-an2EU8Ck12KVGCZq0MTMWQshXor3RzUWacum4_qPdB9Gll1wWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTMyNzIwLDU4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTFdXSwiaHR0cHM6Ly91MTUwMy1jdWlvLnF1aW5zLnVzL2hvdy1tdWNoLWRvZXMtaXQtY29zdC10by1zdGF5LWF0LXJlc29ydHMtaW4taG9uZy1rb25nLXdpdGgteW91ci1wYXJ0bmVyLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzMzOTMyNzIwLDQ0ODYyODAwMF1dXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1567bf3a9a2521c2399880eb1878deefe50839d2720bcc29b51a302be8fd03c9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K6g3_Z-LwpKoCNSTxRbvJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGx4-2wXm8COjScPMClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZWOoZGMcXGAEAnH9GAg"
content-security-policy
script-src 'report-sample' 'nonce-K6g3_Z-LwpKoCNSTxRbvJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F601 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:24:54 GMT
expires
Wed, 11 Dec 2024 16:14:54 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213294767251991&correlator=2244990741075361&eid=31086815%2C31089341%2C31089347%2C31089265&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22195652661%2Clfly&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733932720606&lmt=1733932720&adxs=430&adys=424&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&vis=1&psz=740x0&msz=740x0&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733932718063&idt=1502&prev_scp=user%3Dnouser%26referral%3Dno%26zip%3D1639%26zip2%3Dlfly&adks=3152471010&frm=20&eoidce=1&td=1&egid=53532&tan=ad0a8fb2-e4ef-487f-864f-0c59e82b0a0d&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ce1548bc63604fb8562e3e4013bd51e771ad7dc5d27105216051592c5c617b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
11840
x-xss-protection
0
server
cafe
container.html
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CA8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:58:40 GMT
expires
Wed, 11 Dec 2024 15:58:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u1503-cuio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
470368
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 05:19:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 05:19:12 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
298664f97887240e72adb434316a4c19b6a40ba461e5970168408c85be1e1a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13166
date
Wed, 11 Dec 2024 15:58:41 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
cropped-android-chrome-192x192-1-32x32.png
wp.quins.us/wp-content/uploads/2024/03/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/uploads/2024/03/cropped-android-chrome-192x192-1-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a298400cc6236a4a7439ff3511e3b4d6d9fa158d640b268b317e14bce2610fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cf-cache-status
HIT
etag
"430-672fca52-70b14cf9;;;"
age
4462
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEn%2FFcATf9CvpshgAG689HxyUcGfdoCYRyN9Zb1sKe9hQ8NtIG4NTB2ASFdlFG2HgQ46M5KWkCa7CCcLM6tm4au5yRC2iNqUaNLieZegHFlSicBIR1A9bYn%2FNjhbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 12:20:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72688&min_rtt=71512&rtt_var=1335&sent=182&recv=75&lost=0&retrans=0&sent_bytes=192527&recv_bytes=10237&delivery_rate=69198&cwnd=74700&unsent_bytes=0&cid=178362f7814d86ef&ts=3849&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
image/png
last-modified
Sat, 09 Nov 2024 20:47:14 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f06ad732eb12ebd-LAX
accept-ranges
bytes
content-length
1072
x-turbo-charged-by
LiteSpeed
server
cloudflare
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame 3927 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
391718
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 03:10:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 03:10:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3927 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
414365
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:52:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 20:52:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3927 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
398109
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 01:23:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 01:23:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3927 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
414365
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:52:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 20:52:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3927 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
422536
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 18:36:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 18:36:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 3927 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
10d91823e45b6940f49d2ac0ed5b44bf28f12b4580ef20595424e392978aa1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 14:20:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ Frame 3927 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b14bf40bc67594060272c07b2790374c293d0628ff636554904a18f9c393e23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3927 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
11660698925711390587
age
42277
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 04:14:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2471
x-xss-protection
0
date
Wed, 11 Dec 2024 04:14:04 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3927 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
42219
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 04:15:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Wed, 11 Dec 2024 04:15:02 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame 3927
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CdwXWsLZZZ9GrLKSI3rsP192LqQbchKeEfLzU-4HkE56uloaMDhABILq0l5cBYMme9oaAgKAZoAH0irrLPsgBAakC8wCvRdFPST7gAgCoAwHIAwqqBPECT9Ara8AhM0tKhwa0GYKDkp1V...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7c65535d004ce0fb0000000000000000%22,%222%22:%220xbff6a9741f2adb530000000000000000%22,%223%22:%220x2ac56e...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7c65535d004ce0fb0000000000000000%22,%222%22:%220xbff6a9741f2adb530000000000000000%22,%223%22:%220x2ac56eb7f2154ed60000000000000000%22,%224%22:%220x4727839749637ba90000000000000000%22,%225%22:%220x8b5ba2827a06777a0000000000000000%22},%22debug_key%22:%2211326519762991909446%22,%22debug_reporting%22:true,%22destination%22:%22https://klook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216801236340%22],%2222%22:[%22true%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225746767865993303041%22}&andc=true
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H3
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 11 Dec 2024 15:58:41 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x7c65535d004ce0fb0000000000000000","2":"0xbff6a9741f2adb530000000000000000","3":"0x2ac56eb7f2154ed60000000000000000","4":"0x4727839749637ba90000000000000000","5":"0x8b5ba2827a06777a0000000000000000"},"debug_key":"11326519762991909446","debug_reporting":true,"destination":"https://klook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16801236340"],"22":["true"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5746767865993303041"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7c65535d004ce0fb0000000000000000","2":"0xbff6a9741f2adb530000000000000000","3":"0x2ac56eb7f2154ed60000000000000000","4":"0x4727839749637ba90000000000000000","5":"0x8b5ba2827a06777a0000000000000000"},"debug_key":"11326519762991909446","debug_reporting":true,"destination":"https://klook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16801236340"],"22":["true"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5746767865993303041"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 11 Dec 2024 15:58:41 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213294767251991&correlator=2244990741075361&eid=31086815%2C31089341%2C31089347%2C31089265&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22195652661%2Cca-pub-4894725799002664-tag%2Cea4ss&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=4&sc=1&cookie=ID%3Dca05733227ea7443%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYxeQsO-bZlhEokH3r2-mjco4gb4Q&gpic=UID%3D00000fae7eb09ccb%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYQhn6t_wu2-QZCHKrMBMRIH3swyQ&abxe=1&dt=1733932721300&lmt=1733932721&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733932718063&idt=1502&adks=255364305&frm=20&is_cau=1&no_cau_info=1&plas=188x945_r&eo_id_str=ID%3D9c5ca91ccf91d336%3AT%3D1733932720%3ART%3D1733932720%3AS%3DAA-AfjaXjcTSHy13Idwx-0I-DHX3&td=1&egid=53532&tan=ad0a8fb2-e4ef-487f-864f-0c59e82b0a0e&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
bb7e056129663a68cc0c5969b881417a1c3c3e70bea50d3011c417b59170ded1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
10178
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		106 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213294767251991&correlator=2244990741075361&eid=31086815%2C31089341%2C31089347%2C31089265&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22195652661%2Cca-pub-4894725799002664-tag%2Cjcut&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&fas=3&sc=1&cookie=ID%3Dca05733227ea7443%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYxeQsO-bZlhEokH3r2-mjco4gb4Q&gpic=UID%3D00000fae7eb09ccb%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYQhn6t_wu2-QZCHKrMBMRIH3swyQ&abxe=1&dt=1733932721306&lmt=1733932721&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733932718063&idt=1502&adks=2118046030&frm=20&is_cau=1&no_cau_info=1&plas=188x945_l&eo_id_str=ID%3D9c5ca91ccf91d336%3AT%3D1733932720%3ART%3D1733932720%3AS%3DAA-AfjaXjcTSHy13Idwx-0I-DHX3&td=1&egid=53532&tan=ad0a8fb2-e4ef-487f-864f-0c59e82b0a0f&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
2c0977a8b7b34411b2bca38ac29bf7d0ae02826e60274c8c012280fd31a8451a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
38834
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		238 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213294767251991&correlator=2244990741075361&eid=31086815%2C31089341%2C31089347%2C31089265&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22195652661%2Cca-pub-4894725799002664-tag%2Cea4ss&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&fsapi=1&sc=1&cookie=ID%3Dca05733227ea7443%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYxeQsO-bZlhEokH3r2-mjco4gb4Q&gpic=UID%3D00000fae7eb09ccb%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYQhn6t_wu2-QZCHKrMBMRIH3swyQ&abxe=1&dt=1733932721309&lmt=1733932721&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733932718063&idt=1502&adks=255364304&frm=20&is_cau=1&no_cau_info=1&eo_id_str=ID%3D9c5ca91ccf91d336%3AT%3D1733932720%3ART%3D1733932720%3AS%3DAA-AfjaXjcTSHy13Idwx-0I-DHX3&td=1&egid=53532&tan=ad0a8fb2-e4ef-487f-864f-0c59e82b0a10&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
375cfbbe726e5f03a6e1f887923b442905bce957cd72139071889d6ac3782489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
49323
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213294767251991&correlator=2244990741075361&eid=31086815%2C31089341%2C31089347%2C31089265&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABL~BVQqAAAAAg&gpp_sid=7&iu_parts=22195652661%2Cca-pub-4894725799002664-tag%2Cea4ss&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&fas=1&sc=1&cookie=ID%3Dca05733227ea7443%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYxeQsO-bZlhEokH3r2-mjco4gb4Q&gpic=UID%3D00000fae7eb09ccb%3AT%3D1733932720%3ART%3D1733932720%3AS%3DALNI_MYQhn6t_wu2-QZCHKrMBMRIH3swyQ&abxe=1&dt=1733932721311&lmt=1733932721&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fu1503-cuio.quins.us%2Fhow-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733932718063&idt=1502&adks=255364307&frm=20&is_cau=1&no_cau_info=1&eo_id_str=ID%3D9c5ca91ccf91d336%3AT%3D1733932720%3ART%3D1733932720%3AS%3DAA-AfjaXjcTSHy13Idwx-0I-DHX3&td=1&egid=53532&tan=ad0a8fb2-e4ef-487f-864f-0c59e82b0a11&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9c15a9227d1f2273a74e7cf6a1b3e637cde1108d22ed02a339976d8b8c6dcf90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
11121
x-xss-protection
0
server
cafe
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl_page_level_ads.js?cb=31089265
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
0d77360d598c2fc4fc7cbb6bdc57ccfc880c83c5b9e425f1281e7dac667b08c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
15384916825016109596
age
61278
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 22:57:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 10 Dec 2024 22:57:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
15798
x-xss-protection
0
server
cafe
exosrvcode-
fundingchoicesmessages.google.com/f/AGSKWxX61KXYWtKHRMrMiRcOalZTCTkTyvgcWEDgqSLWvjIK_JITyLusOeVaEIA9BWzv3wtMdIEKLTceKeFGpW3KPeQ_uGrKbNgzk6w4eKqv4aYSLJ-5hGO6_ZNXasx-U9MgGsmRG76i2CdZqlhn9BI3yWFz-KPm-... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX61KXYWtKHRMrMiRcOalZTCTkTyvgcWEDgqSLWvjIK_JITyLusOeVaEIA9BWzv3wtMdIEKLTceKeFGpW3KPeQ_uGrKbNgzk6w4eKqv4aYSLJ-5hGO6_ZNXasx-U9MgGsmRG76i2CdZqlhn9BI3yWFz-KPm--qJYZx1rQKz110xp8IsO2FefaGZNS9h/_-floorboard-ads/=advert//ad-header./advertize_/exosrvcode-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
b73ebf8ce797ff5a635e4b582f448e8c50e7a7c0afcaf087ea8b7ac08f042261
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UpfWTId-vDW6j0GebT8C9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcGx8-2wXm8CEQyveMSppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZWOoZGMcXGAEAntZF_w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UpfWTId-vDW6j0GebT8C9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
16023549773543154165
age
1170
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 16:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 11 Dec 2024 15:39:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
51
x-xss-protection
0
server
cafe
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b1vhvXHWeX210fqBiDn12g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj49tnu9gELvRdfMuo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQws9AzM4wsMAC_JK5Q"
content-security-policy
script-src 'report-sample' 'nonce-b1vhvXHWeX210fqBiDn12g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 3927 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
58180e3cba5a736e1875c690b3a756dabc7ee19960f4c66a692d42e5679c13d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u1503-cuio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
518099
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 16:03:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:03:42 GMT
last-modified
Tue, 29 Oct 2024 18:38:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22180
x-xss-protection
0
server
sffe
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HfalSUKTozDZXR-OSxy30w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj49tnu9gEOrb072RScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRgYWegbm8QUGAACSKvQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HfalSUKTozDZXR-OSxy30w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-l3YYNJjK-LdoAOKnHb2TXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj49tnu9gEGi5NWMes5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQws9AzM4wsMAAb-Kwc"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-l3YYNJjK-LdoAOKnHb2TXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGQ7DFHD1VafBnMyrQTIQY8XfeuiXrK6ZIh4K2Q0gouMW85CUp-NNrjEipMFFvq9euoHan9D-rQwWnEbtN_biW8xTQoTzwdrFdnj_t2xtNkEmo3PlE0Tiz9IOKEI2_ij-jQBnsaw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uKhxoXTZ3CfdAL2uwSnZZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj49tnu9gEHqzYu45ZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhlY6BmYxxcYAAAkPytr"
content-security-policy
script-src 'report-sample' 'nonce-uKhxoXTZ3CfdAL2uwSnZZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX2ipWiEAkzSLN2yXS4shs6ojDo7BXW09CeLeDnPVozOHvJuOeZ6xveMlbvPojOy-6GglL-L_Lm7WCNYsnSl6JQ8dgtn7pu0jY9MDtGA9vV6_NzR_3Bc1-w_sfrNjnesJqKoJGOYg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX2ipWiEAkzSLN2yXS4shs6ojDo7BXW09CeLeDnPVozOHvJuOeZ6xveMlbvPojOy-6GglL-L_Lm7WCNYsnSl6JQ8dgtn7pu0jY9MDtGA9vV6_NzR_3Bc1-w_sfrNjnesJqKoJGOYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTMyNzIxLDgyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTEsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdTE1MDMtY3Vpby5xdWlucy51cy9ob3ctbXVjaC1kb2VzLWl0LWNvc3QtdG8tc3RheS1hdC1yZXNvcnRzLWluLWhvbmcta29uZy13aXRoLXlvdXItcGFydG5lci8iLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxMywiW1wiREJBQkx-QlZRcUFBQUFBZ1wiLFtbNyxbMTczMzkzMjcyMCw0NDg2MjgwMDBdXV1dIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e2a3c622fe742691f9c73a04f818835e16bf376b7db32d3cafd82c3991fb1904
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4YIdV711gMHzBmgNFOgs-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XBsfPtsF5vAhI7eTcxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGBpZ6BsbxBUYA1spKhA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4YIdV711gMHzBmgNFOgs-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D629 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:19:29 GMT
expires
Wed, 11 Dec 2024 16:09:29 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 72B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zsyGyXvmSNT8cv8YbxJc0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zsyGyXvmSNT8cv8YbxJc0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:58:42 GMT
expires
Wed, 11 Dec 2024 15:58:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
container.html
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 845B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:58:40 GMT
expires
Wed, 11 Dec 2024 15:58:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxURmJdqPflhrKzCoSahjXw222jXly-qL-Il-sxP45B5hpZxwstBk68Bi3UsnVsERDnrSCGyc8m7rSGIEcITNcr2qouMsQr34EiVHVX_S7nwGb3e0NfahnOpxeyyo6iI5GTrmV5OOg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxURmJdqPflhrKzCoSahjXw222jXly-qL-Il-sxP45B5hpZxwstBk68Bi3UsnVsERDnrSCGyc8m7rSGIEcITNcr2qouMsQr34EiVHVX_S7nwGb3e0NfahnOpxeyyo6iI5GTrmV5OOg==?dmid=97f8d9048db2b640
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gg5ZTVu76B7C337u06wuvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJtj09tnu9gEGv7vVVZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYA6U8q2A"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gg5ZTVu76B7C337u06wuvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXT8-ngTSJ6yA-kAgOSOv6hzByal5ovcFWHsFNRwGKOo3Zc6Al6-WQcGO5IYFZA9HgI6JSLCNRRmEuNQgd_XaCioGdLoSlauLqxuFSoB7nxdZl0j4UggAuqlNSRjC71so6mmGLCCQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXT8-ngTSJ6yA-kAgOSOv6hzByal5ovcFWHsFNRwGKOo3Zc6Al6-WQcGO5IYFZA9HgI6JSLCNRRmEuNQgd_XaCioGdLoSlauLqxuFSoB7nxdZl0j4UggAuqlNSRjC71so6mmGLCCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTMyNzIxLDk5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTEsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly91MTUwMy1jdWlvLnF1aW5zLnVzL2hvdy1tdWNoLWRvZXMtaXQtY29zdC10by1zdGF5LWF0LXJlc29ydHMtaW4taG9uZy1rb25nLXdpdGgteW91ci1wYXJ0bmVyLyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzMzOTMyNzIwLDQ0ODYyODAwMF1dXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
034a378f7088e21485c37064edb788504bf3196167dff5b72e0ff40c504b7898
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tpjGyQAod3qQkg2U3Lau4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc2x6-2wXm0DDrqMaShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QVGAEC4RTQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tpjGyQAod3qQkg2U3Lau4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3927
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
view
securepubads.g.doubleclick.net/btr/ Frame 3927 		0
0
AGSKWxX8_EtBJ1y1heB8CbKvZkxaFfWpiz2_DKisIID8bzccpXK-3yKx5AfSKXdvBJM7b7fkUIwM4Tj4Qe34cctJoeawuTueEkrDo9f2bvnj3AnkAF8eBVjL7Q4Dq6bmHjcNZa4x0UoCuw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8_EtBJ1y1heB8CbKvZkxaFfWpiz2_DKisIID8bzccpXK-3yKx5AfSKXdvBJM7b7fkUIwM4Tj4Qe34cctJoeawuTueEkrDo9f2bvnj3AnkAF8eBVjL7Q4Dq6bmHjcNZa4x0UoCuw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j_b44YPpH18pD4Up7OEq3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u1503-cuio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJtj09tnu9gEVpw4XqzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDCz0DMzjCwwA-rgrGw"
content-security-policy
script-src 'report-sample' 'nonce-j_b44YPpH18pD4Up7OEq3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u1503-cuio.quins.us
content-length
0
x-xss-protection
0
server
ESF
container.html
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D6F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:58:40 GMT
expires
Wed, 11 Dec 2024 15:58:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_side_rails.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl_side_rails.js?cb=31089265
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
956f821918cce638c0596907e776859745420d2a9b9051d14258fa17e8e0b62d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
748492804041277816
age
46601
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 03:02:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 03:02:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2062
x-xss-protection
0
server
cafe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame A0F1 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
391718
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 03:10:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 03:10:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A0F1 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
414365
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:52:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 20:52:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A0F1 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
398109
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 01:23:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 01:23:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A0F1 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
414365
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:52:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 20:52:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A0F1 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
422536
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 18:36:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 18:36:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame A0F1 		7 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
fe53b72de605eaeaa413bd918760961ddf0d8557891ca23e74b3ad6785b733cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 15:58:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:58:42 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 15:08:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F1 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
42219
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 04:15:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Wed, 11 Dec 2024 04:15:02 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
14763004658117789537
tpc.googlesyndication.com/simgad/13484344806905036731/ Frame A0F1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13484344806905036731/14763004658117789537?w=195&h=102&tw=1&q=75
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4332f6d8494c37fb301eb05fd610ff1c9f2aa2d17b2bca4ffceecb1ed15969f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

age
51681
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 01:37:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 11 Dec 2024 01:37:21 GMT
last-modified
Wed, 22 May 2024 02:24:04 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
4963
x-xss-protection
0
server
sffe
14763004658117789537
tpc.googlesyndication.com/simgad/224156893330200905/ Frame A0F1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/224156893330200905/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ca32c03ea9b16c5b242fa2d555881004f9267fd24588093cdab77a20defca93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

age
379091
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 06:40:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 07 Dec 2024 06:40:31 GMT
last-modified
Fri, 05 Jan 2024 09:00:38 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
2101
x-xss-protection
0
server
sffe
truncated
/ Frame A0F1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5e0770d6b353aa9524049441216e06aca2fd50521266fbe56f1a1506e6f9031

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: u1503-cuio.quins.us
URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
54506
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 00:50:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Wed, 11 Dec 2024 00:50:16 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
l
www.google.com/ads/measurement/ Frame A0F1 		0
0
container.html
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://u1503-cuio.quins.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 15:58:40 GMT
expires
Wed, 11 Dec 2024 15:58:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3927 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2uV3vxjuSOALlBwoOS07AK-ZHm20ZzGSiqmIqe8KJABy6eD4sNv-ozjvc_0btVKoJJD8gQajriGVhI-dGSGTVLC2fXDw4YyP7q44q2qP4Da-2RfB9Omc_oLgW1hcSOshtI7hUAoRzX9XrKnxtlv6W15LzxWTOpXZejq_ftNh6ZxhXjzmOr2tAso3Cbb5-eX-ccA&sai=AMfl-YRUdOHeC5VIhcGU6OVmEtZofp2IXpE8pVhw6Dp_icwtdg1Rm44GF6E2cWkefDtnSh3HTRxr76D6l7ppyjoiLqGn9Lsyui6Lr7abit81TdlWutSZf9U2ml0VYgIlzVp5uIjOHwwXMhe3uW-65_7AmA&sig=Cg0ArKJSzOAO1ubh9ZP7EAE&cid=CAQSTwCa7L7dD43bvszRHbg_NYWliokIZAxrVvRUSYTpIvABYUVqyK2vDk_R78yoOr5A-B-spPfSNVaKXTqiiYhnSeUT-EldPtiqx0ZCSzCjdLkYAQ&id=ampim&o=436,424&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=881&tls=1882&g=100&h=100&tt=1882&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u1503-cuio.quins.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 11 Dec 2024 15:58:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
u1503-cuio.quins.us
URL
blob:https://u1503-cuio.quins.us/782d6e07-24b7-45f4-9721-7791b00112b5
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=CdwXWsLZZZ9GrLKSI3rsP192LqQbchKeEfLzU-4HkE56uloaMDhABILq0l5cBYMme9oaAgKAZoAH0irrLPsgBAakC8wCvRdFPST7gAgCoAwHIAwqqBPECT9Ara8AhM0tKhwa0GYKDkp1VLQ-OpWT_-__jXdweZmT6D7VXJM3aMVteBF6K_UmAC2RYtyqQrmQXH3lzfjmIcjCfOUKb4BDXAgkIoZq-BM1P_7rQ6vxfKAgHRjB0pzQKZ15T7Zan0ujS--ZkjSWyQ2icOzG4YMhBZlkFNqj-Tpgh9mPBDanZDcZldDbawSkFp39i0jXnuqVT97JMfjJTBUM9N_Swx25SZ8FihU94FhaZwdQK9tEHRuK7a-OVijfqln0b-skQOBvOtGbFDSGO_qL0iGTxbPKX3NXn1uCHObj5FJvl-g4s4AOkHbk8lwvBwt-ZS7G2SyRJqGFOigzG-IZqwZI5opGeQNnwEQJh5238hlzMmIvQEAzHRbsoW3dsLQ-16E5J8Qcd9R06lnz1m1Tv44ga3YJISgqlAOGxCoXvfzLaxohUTKWfRfdHuPXqriHWvay75WtTFguJEb0gy7e5Z1G3t6I7awiZEwn2KZhDwASdxMn8_ATgBAGIBd7B9-xRkgUECAQYAZIFBAgFGASgBmaAB_TCiqsZqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCh4xTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOljD_4bfiqCKA5oJImh0dHBzOi8vd3d3Lmtsb29rLmNvbT9nYWRfc291cmNlPTWACgPICwHaDBEKCxDw29322oS0wOEBEgIBA-INEwjQrYffiqCKAxUkhHcBHdfuImXqDRMI-aOI34qgigMVJIR3AR3X7iJl2BMKiBQK0BUBmBYBgBcBshcgChwIABIUcHViLTQ2ODQ1OTc1MzU5MTA0ODgYoK55GAG6FwI4AbIYCRICoU8YZiIBANAYAQ&sigh=X_lZOb6fvFE&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTwCa7L7dD43bvszRHbg_NYWliokIZAxrVvRUSYTpIvABYUVqyK2vDk_R78yoOr5A-B-spPfSNVaKXTqiiYhnSeUT-EldPtiqx0ZCSzCjdLkYAQ&ibtr=1
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpL4FX3mh6IAALe5mHCf2HLjdPyg8vqk4U9-K3QuecdC6qPxexHUo98uQ_kinL3DqXvlMaK2j3gqOYGvSI1xKnRHGAiw
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412050101&jk=213294767251991&bg=!tbaltvnNAAbFeMsx5Xg7ADQBe5WfOAeqOrDasNEC1IuMlCEKxVcWT0XDuieLJwddYXPJGnJBLY1BIVIkJf8GFoWUY62NAgAAAEBSAAAABGgBB34ANsI5ZDfKkATN9_pLfqlN888p9GBu-UjTa05KrJ0FmzQf38fngOIHuJfRjHg99aRvPjwWMzLyHgoAFGyboIknSf5aoYjSot5uET7an7LOmQKmvhMHYt_aOPRbgS9-IF5DeetiDzKi_EKQp661fXxAnAsNGV2L4pkHS1XTAHG7cBwEoand6iWA5avmlFM2l_Ks2VARsNbP7iykjljfes5M7of0SpTwi7eutDomHwO8M-Ms-JsSOsX2pprD10BS556rw99Iu-56so5Bd4zsuxs7o7qp4trJDDWIlXgZthC72yJuUDjEgsg5anFXnWQvsdX9X4dAQnO6I86EZPuxEm22W3DgaZOn1bVP9rioUluKvg3lyBb3WNzVKsJEylK3J_UveCMmg73vkySIk2SaHf-HhBkuMZS7yNBG7jZ20xoLGuswXg0ZBuqoINXnLYASN09AJ0ZTAY5NfbJLRSCEnyhip0U1Yqg2bOV2j0LwguA57LFIoAqbfMW67ftJvCotZApnd-VnRUvuH_MydtmBqvo7f7Dqepao9auvFKFi-wPltXGsPmsCbzM1BOobrvK8KE34MS6xLgszKGWoJICuCFBq1QdU8G5-dQSecYHzmKeQlvg6jXFBriSN9npAIEV6otW4JznuZk2uaSpPiqsif_29uzO0nHiUmV16ZFPX0tvw4-IabcJhZtPGdVgjOLvNMz6v6bnANYDB_ZBWuQlItnbvTSgS1CH4Ijs3G28dwlyN3UJTuf00ms7XCXVmIlqE1l8k7Ul-sY92ipmY5zbm8jIyG3GZA1Namt4SwShS5Oaep7qz1Tg67hbS1qP6Hxp--b34sK-Sw8sJ2cT4nds8jcxNE7TkZEi3C8-wLW-FMqNiu6Ps6W-pqUe2BOSks6AwuN1U-0eauvuSXCWHbUfsZx45g_V60Q5xIPym8eFf4jofH2gPA6qGoTkSzJZUHovZptR7bjX-EltwBJVAU1PgDFKROQTSwyl-o-HUuT5ZeaJv_0lf_4HpJFzJ

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| admaniastchk object| addComment object| twemoji object| wp object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OGViNGFmYmI2NWI5ZmNkNGxvYWRlcl9qcw== string| OGViNGFmYmI2NWI5ZmNkNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms boolean| 93fce1d6-1b89-4baf-aca9-f637c0c81c25 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

23 Cookies

Domain/Path Name / Value
u1503-cuio.quins.us/ Name: PHPSESSID
Value: jeu80qlbin0spthk33vfs4nb1j
.quins.us/ Name: _ga_2C0YTSFLGP
Value: GS1.1.1733932719.1.0.1733932719.0.0.0
.quins.us/ Name: _ga
Value: GA1.1.2078764017.1733932719
.quins.us/ Name: __gads
Value: ID=ca05733227ea7443:T=1733932720:RT=1733932720:S=ALNI_MYxeQsO-bZlhEokH3r2-mjco4gb4Q
.quins.us/ Name: __gpi
Value: UID=00000fae7eb09ccb:T=1733932720:RT=1733932720:S=ALNI_MYQhn6t_wu2-QZCHKrMBMRIH3swyQ
.quins.us/ Name: __eoi
Value: ID=9c5ca91ccf91d336:T=1733932720:RT=1733932720:S=AA-AfjaXjcTSHy13Idwx-0I-DHX3
.googleadservices.com/ Name: ar_debug
Value: 1
.quins.us/ Name: FCCDCF
Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B13%2C%22%5B%5C%22DBABL~BVQqAAAAAg%5C%22%2C%5B%5B7%2C%5B1733932720%2C448628000%5D%5D%5D%5D%22%5D%5D%5D
.quins.us/ Name: FCNEC
Value: %5B%5B%22AKsRol_slrDzr0RL6gG2qS22LqXZIPNpeq63lMg-eb5j0Yx9duBYVX57pK9Xem-co478KyV6UHRT4Arni9IAbUfuNOFCR8thXuDbx8cGkXifQar7MgHXCfGjnBGkufuirjoZ7gpW7dCnc28LDPUQT9aNQAfUKsUKYA%3D%3D%22%5D%5D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adform.net/ Name: C
Value: 1
.go.sonobi.com/ Name: __uis
Value: 93459c0e-5e2f-481d-8f05-53ceee486346
.go.sonobi.com/ Name: HAPLB8G
Value: s86106|Z1m2t
.doubleclick.net/ Name: IDE
Value: AHWqTUmRqWANZwgNY2fehpQzNGZ8lXOGfTRnNNmHEZvTuGsZmsBziiq98_DZ1e3TAoQ
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A5737794363578838518
.linkedin.com/ Name: bcookie
Value: "v=2&ab223824-6660-48b8-81d4-5de82815f68e"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2992:u=1:x=1:i=1733932722:t=1734019122:v=2:sig=AQEw0TBERrQVwOlpIq2o5_nmzEyxjwk3"
.doubleclick.net/ Name: APC
Value: AfxxVi4ytn6T6KNbyXF3W2nhD4ypfV-kjMoSVtU_a-7DC4a1ttOEWQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: Z1m2ssAoIsEAABFVB1mCvAAA
.casalemedia.com/ Name: CMPS
Value: 2620
.casalemedia.com/ Name: CMPRO
Value: 2620

6 Console Messages

Source Level URL
Text
javascript error URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2' from origin 'https://u1503-cuio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff' from origin 'https://u1503-cuio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://u1503-cuio.quins.us/how-much-does-it-cost-to-stay-at-resorts-in-hong-kong-with-your-partner/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf' from origin 'https://u1503-cuio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cryptednews.space
ep1.adtrafficquality.google
ep2.adtrafficquality.google
f4d9f8554ffbbdebb1ca6255ff18e979.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
pagead2.googlesyndication.com
secure.gravatar.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
u1503-cuio.quins.us
wp.quins.us
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
ep1.adtrafficquality.google
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
u1503-cuio.quins.us
wp.quins.us
www.google.com
142.250.31.105
142.251.16.157
142.251.163.139
142.251.163.154
142.251.163.155
142.251.163.95
172.253.122.155
172.253.122.94
172.67.146.19
172.67.221.61
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::84
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1f::8b
2607:f8b0:4004:c21::84
2a04:fa87:fffe::c000:4902
034a378f7088e21485c37064edb788504bf3196167dff5b72e0ff40c504b7898
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
0d77360d598c2fc4fc7cbb6bdc57ccfc880c83c5b9e425f1281e7dac667b08c6
10a329ceb9efbcd662117b894ed5547a9a090aa97255f388c1365028e7dd998d
10d91823e45b6940f49d2ac0ed5b44bf28f12b4580ef20595424e392978aa1c4
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
1567bf3a9a2521c2399880eb1878deefe50839d2720bcc29b51a302be8fd03c9
298664f97887240e72adb434316a4c19b6a40ba461e5970168408c85be1e1a19
2c0977a8b7b34411b2bca38ac29bf7d0ae02826e60274c8c012280fd31a8451a
2d25825c89e9e42bf60463aacb87c38307e0279e6f6517de818bac6021080f15
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
375cfbbe726e5f03a6e1f887923b442905bce957cd72139071889d6ac3782489
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
490708fe9e1aa52f0b629138c769f4a80e1779f00adddce2e49e23c735d7b161
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
51a827dac65b3305db87b2a59c18cfd5653fdb4e77c1eec868c774c6fb07ca88
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58180e3cba5a736e1875c690b3a756dabc7ee19960f4c66a692d42e5679c13d0
5b49d7b64f5297cfd6b04639fb64c06220edf72d733a672cd61d137d303af3b0
663866fae5f47c90bef35eceda5d1899430ea5dda7a49a51df1dda608104b674
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
7b14bf40bc67594060272c07b2790374c293d0628ff636554904a18f9c393e23
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
8ca32c03ea9b16c5b242fa2d555881004f9267fd24588093cdab77a20defca93
8d3c3455c8cc702fdd58340a7858a86c8f235dc1cf4269d3d3a59c355992e5c6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
956f821918cce638c0596907e776859745420d2a9b9051d14258fa17e8e0b62d
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
9c15a9227d1f2273a74e7cf6a1b3e637cde1108d22ed02a339976d8b8c6dcf90
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f
a298400cc6236a4a7439ff3511e3b4d6d9fa158d640b268b317e14bce2610fb5
ae7c05e58a045d762217b2a3933232700c3e6b83ec230ebd7dbe2805940a5d81
b73ebf8ce797ff5a635e4b582f448e8c50e7a7c0afcaf087ea8b7ac08f042261
bb7e056129663a68cc0c5969b881417a1c3c3e70bea50d3011c417b59170ded1
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce1548bc63604fb8562e3e4013bd51e771ad7dc5d27105216051592c5c617b0d
d140fc2f82de060eba7c1e49d572035e45aa137ff9e3283f1dd195b86704da67
d31f124b79592c4ea10779127a902356e5f31a3aeac4eabb2d8b3abee6d219f1
d4332f6d8494c37fb301eb05fd610ff1c9f2aa2d17b2bca4ffceecb1ed15969f
d99a69bb4378e72447801980ad59e8a7a9aac03e840895f71559b25ddb92b749
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2a3c622fe742691f9c73a04f818835e16bf376b7db32d3cafd82c3991fb1904
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0770d6b353aa9524049441216e06aca2fd50521266fbe56f1a1506e6f9031
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45ba6e591fdca93355b8a145c736f8eece478edfec3fd6d3e7c56de3a601005
fe53b72de605eaeaa413bd918760961ddf0d8557891ca23e74b3ad6785b733cc
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99