URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Submission: On October 21 via manual from PH — Scanned from US

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 43 HTTP transactions. The main IP is 2a02:4780:11:1374:0:1415:361d:5, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is letsdobookmark.com.
TLS certificate: Issued by R11 on September 7th 2024. Valid for: 3 months.
This is the only time letsdobookmark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a02:4780:11:... 47583 (AS-HOSTINGER)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 142.250.80.34 15169 (GOOGLE)
6 172.67.39.148 13335 (CLOUDFLAR...)
7 178.16.136.248 47583 (AS-HOSTINGER)
1 2607:f8b0:400... 15169 (GOOGLE)
3 142.251.40.162 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 142.251.41.14 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
43 12
Apex Domain
Subdomains
Transfer
12 letsdobookmark.com
letsdobookmark.com
101 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com Failed
71 KB
6 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4352
30 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
215 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270
83 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
43 8
Domain Requested by
12 letsdobookmark.com letsdobookmark.com
6 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 static.addtoany.com letsdobookmark.com
static.addtoany.com
5 pagead2.googlesyndication.com letsdobookmark.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 stackpath.bootstrapcdn.com letsdobookmark.com
stackpath.bootstrapcdn.com
1 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com letsdobookmark.com
0 www.google.com Failed tpc.googlesyndication.com
43 10

This site contains links to these domains. Also see Links.

Domain
12cricket.com
www.addtoany.com
Subject Issuer Validity Valid
letsdobookmark.com
R11
2024-09-07 -
2024-12-06
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
static.addtoany.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 7 frames:

Primary Page: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Frame ID: 2D65EC16E3E3CC9EDE5A16E5A956F574
Requests: 37 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 369C4476D6D4FF518E8971DB0A47588E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: CC1BB9E573A94DE5D71D02B62B4EC5C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8952756999489553&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729475533&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729475533083&bpp=9&bdt=2775&idt=820&shv=r20241014&mjsv=m202410160101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5147496092574&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759837%2C95343852%2C31087658%2C31087701%2C31088194%2C95341936%2C95344190%2C31088222&oid=2&pvsid=3995220145469182&tmod=165698229&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=848
Frame ID: 192079A4177F57EF9B5AAE4D66687660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8952756999489553&output=html&h=120&slotname=3858102341&adk=1830432468&adf=2665882539&pi=t.ma~as.3858102341&w=1336&abgtt=6&lmt=1729475533&rafmt=12&format=1336x120&url=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729475533092&bpp=2&bdt=2784&idt=862&shv=r20241014&mjsv=m202410160101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5147496092574&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759837%2C95343852%2C31087658%2C31087701%2C31088194%2C95341936%2C95344190%2C31088222&oid=2&pvsid=3995220145469182&tmod=165698229&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=875
Frame ID: F3587FA75A65B5C2AD5B4266764D0815
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: EEF80BF8C56AD25158BD68C6BC6AF035
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88358B5B6D644596908188CD6DB3796A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Social Bookmarking Sites 2021

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

86 %
HTTPS

45 %
IPv6

8
Domains

10
Subdomains

12
IPs

3
Countries

601 kB
Transfer

1704 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
letsdobookmark.com/story/
12 KB
4 KB
Document
General
Full URL
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1374:0:1415:361d:5 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.0.30
Resource Hash
ef63dfaba03fbd416679b693d4fccc959e1aba98db0059a4f2e378d4cc3c77b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
3935
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 21 Oct 2024 01:52:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
panel
hpanel
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
bootstrap.min.css
letsdobookmark.com/assets/css/
137 KB
18 KB
Stylesheet
General
Full URL
https://letsdobookmark.com/assets/css/bootstrap.min.css
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1374:0:1415:361d:5 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d42117536826bc84cb0a1e05a32686d2f72324166eded07f97dfc10479541aa3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"2257d-6461d076-ab3a449a8be14b73;br"
expires
Mon, 28 Oct 2024 01:52:10 GMT
accept-ranges
bytes
content-length
18503
date
Mon, 21 Oct 2024 01:52:10 GMT
content-type
text/css
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
jquery.toast.css
letsdobookmark.com/assets/css/
14 KB
5 KB
Stylesheet
General
Full URL
https://letsdobookmark.com/assets/css/jquery.toast.css
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1374:0:1415:361d:5 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
33dee2ef843e35863eeb403df2c8a27753e846518d1b448eed32e7d9426284e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"38f6-653df563-c10f202a09b170dd;br"
expires
Mon, 28 Oct 2024 01:52:10 GMT
accept-ranges
bytes
content-length
4860
date
Mon, 21 Oct 2024 01:52:10 GMT
content-type
text/css
last-modified
Sun, 29 Oct 2023 06:02:11 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
355221
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:10 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/26/2024 11:08:39
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
730aa8816566bbb1ded8954f20c805de
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d5d9b51ab7469c1-LAX
access-control-allow-origin
*
cdn-edgestorageid
1109
server
cloudflare
cdn-requestcountrycode
US
js
www.googletagmanager.com/gtag/
291 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5JFYYBYHL
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25413fa1055828a50c2935830d56b8237dc04c741336862cbe46632a1224af87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 01:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101937
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8952756999489553
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
3f0eb084c2010294c5d1b2007836453c3edc7d0d573dab73eda0b73c55e8b14b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
etag
12301137708649617050
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 01:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53313
x-xss-protection
0
server
cafe
logo.png
letsdobookmark.com/assets/images/
18 KB
18 KB
Image
General
Full URL
https://letsdobookmark.com/assets/images/logo.png
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1374:0:1415:361d:5 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7966f83cfcde5a78d1867b4e8939d831c624bbb9ae342fb43450dc7ba5b56d7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"4940-6461d076-dd62f9798d212a10;;;"
expires
Mon, 28 Oct 2024 01:52:10 GMT
accept-ranges
bytes
content-length
18752
date
Mon, 21 Oct 2024 01:52:10 GMT
content-type
image/png
last-modified
Mon, 15 May 2023 06:25:58 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"b57737a151d7fd411c90e2eb8cdb171e"
age
10665
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1RWO7rnNDWefR94bV01%2F0CWu4eE6B9Lm1CUXhHF2wOJKAj9vEvk7Dn1bM%2BDIIMT0XxG0eepyzorJYggveDM0pWZUcrCuCGV5MFGRbadal9FyM1ebKowAyKTWtozssRzun8grNY5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d9b5e7e612f23-LAX
access-control-allow-origin
*
server
cloudflare
jquery.min.js
letsdobookmark.com/assets/js/
85 KB
29 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/jquery.min.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1374:0:1415:361d:5 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"15339-6461d076-d10aa9f31a719899;br"
expires
Mon, 28 Oct 2024 01:52:10 GMT
accept-ranges
bytes
content-length
29386
date
Mon, 21 Oct 2024 01:52:10 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
bootstrap.min.js
letsdobookmark.com/assets/js/
49 KB
13 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/bootstrap.min.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7c129fbf2304b6ce0f06985b2325720bf50a4e37d8e883f9c4f85b9b2b5806fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"c512-6461d076-8cec05a7393cb63c;br"
expires
Mon, 28 Oct 2024 01:52:11 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13092
date
Mon, 21 Oct 2024 01:52:11 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
jquery.validate.min.js
letsdobookmark.com/assets/js/
23 KB
7 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/jquery.validate.min.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
888fb6de721fb6de5806e3fda71ef5ab647a7b14b1aa05832c96b6349b29fd6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"5a52-6461d076-3241ae703ed1ee01;br"
expires
Mon, 28 Oct 2024 01:52:12 GMT
accept-ranges
bytes
content-length
7099
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
jquery.toast.js
letsdobookmark.com/assets/js/
7 KB
2 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/jquery.toast.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
04a5e2c749969cd28db8d8d651fb9e25112cc760812fc5b3b9ed207e7ff7d4ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"1c75-6461d076-dc21ab23e433f9c9;br"
expires
Mon, 28 Oct 2024 01:52:12 GMT
accept-ranges
bytes
content-length
1753
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
form-validate.js
letsdobookmark.com/assets/js/
6 KB
1 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/form-validate.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7c261e579a28a2f8d77ad3a3c21b859dfbafe7d971a577e50d89d0be4c901902
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"17ea-6461d076-e731d77576405dbb;br"
expires
Mon, 28 Oct 2024 01:52:12 GMT
accept-ranges
bytes
content-length
1215
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
common.js
letsdobookmark.com/assets/js/
7 KB
2 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/common.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ee7a380c64974c2d1d72b88bcb43350cc85b66e623fa058aca7e2b59ff2596cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"1a08-6461d076-371db691b3702863;br"
expires
Mon, 28 Oct 2024 01:52:12 GMT
accept-ranges
bytes
content-length
1660
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
custom.js
letsdobookmark.com/assets/js/
5 KB
1 KB
Script
General
Full URL
https://letsdobookmark.com/assets/js/custom.js
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
56b852372733999c028fa1cfb487cdabe252635cb6b280c1d597c4a07d292584
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"13c2-6461d076-202a4160bf36a980;br"
expires
Mon, 28 Oct 2024 01:52:12 GMT
accept-ranges
bytes
content-length
1240
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/x-javascript
last-modified
Mon, 15 May 2023 06:25:58 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
1596440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
09/26/2024 10:53:46
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b535b3d88fbfbb00b4324e8e822ccddb
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d5d9b5e8db12b7a-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1114
server
cloudflare
cdn-requestcountrycode
US
sm.25.html
static.addtoany.com/menu/ Frame 369C
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://letsdobookmark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
11934
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8d5d9b5f9a84cb85-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 01:52:12 GMT
last-modified
Sun, 20 Oct 2024 22:33:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCZ3hH00OPB%2Ba5KlkpmcQkaV3NsgYwDy7HdpHf0wrY%2FqZ%2FyomaIXQXkc4HkGKy%2FoTPzRHgITG%2BPKVOG9sc9OIu2P%2Fn5jBdtYrhG6ZcmNMt8vstwx5HX3EBuc10iXOB4gEfDYKILNU1qMHKBERI2xHXv%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.D0Uc7kY6.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"6fea96ea56ee4fff557b8776f9c8c3a6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtMD8QGRqIorLP2IFIm6qB1Qv6naBXFhxn1quXfwh9OQe2e9ZfzkmOaB7VpWd6mZY5krt6Lagytqp7cvy5SmOaCXRlODZdxkvU77UbTTgN7qNeCis7uONe%2BFo8td135UO%2FoesJK4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d9b5f9d3d7bc8-LAX
access-control-allow-origin
*
server
cloudflare
a2a.js
static.addtoany.com/menu/svg/icons/
182 B
664 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/a2a.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"0aca4ea1e5f8f250126a8e0c597dd969"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUmQrzsyek8xtvqNpBwr1279ej%2BlZY%2BXx3my1cGvmQP2MhqO3Td%2B8FvISlqUF8Ct6c8Ab1lLSQAMMpC3O9UWiNTxwCWbSiKceTxk9YkJkOOex%2F6zT6jMqhds09hH3lpFc1kv28lP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:13 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=7776000, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d9b60ff9a7bc8-LAX
access-control-allow-origin
*
server
cloudflare
facebook.js
static.addtoany.com/menu/svg/icons/
429 B
810 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"68925fa8e347041c6006837e73c518bc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxMpwRNAg%2FqnHRs8dU1D7HBnm1XjeQnKWI6gG5uXw7P09TnnMYu1CLiLqAksDCrIo%2FoOiGlXKHzY4tpfKzHH4uB%2F1zv6JP7K3OhN6BV6tVp7Gvt40T1yDoGeQPlTYcGl39bskaaN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:13 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=7776000, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d9b60ffa37bc8-LAX
access-control-allow-origin
*
server
cloudflare
twitter.js
static.addtoany.com/menu/svg/icons/
645 B
909 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://letsdobookmark.com
Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"af2b829f9b79fabec7c0148a8b7e444b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pE26%2BSNxa62raVIvA5yPShjQw8gP2%2FRV%2FUPvoA27V%2FJoE1nDG1lEtnjET6ieKneQpwJbPriwKThkhRCr2U3HOMkwhy%2FHZHRes8yhgn7ll8ENYbAF2VjEFrwjtSDxsP%2BukOu4UJ04"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:52:13 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=7776000, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d9b60ffa77bc8-LAX
access-control-allow-origin
*
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/
432 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8952756999489553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
5682bd372d5f2a3b632b94091c605274afd6984c00a48d557e2e924398167467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
etag
8987596393343938768
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 01:52:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 21 Oct 2024 01:52:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147050
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R5JFYYBYHL&gtm=45je4ah0v882015363za200&_p=1729475532429&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101686685&cid=580120465.1729475533&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729475533&sct=1&seg=0&dl=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&dt=Social%20Bookmarking%20Sites%202021&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4859
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5JFYYBYHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://letsdobookmark.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:13 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame CC1B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://letsdobookmark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
1482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 01:27:32 GMT
etag
13108003645644964576
expires
Mon, 04 Nov 2024 01:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20top_nav%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: letsdobookmark.com
URL: https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 21 Oct 2024 01:52:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 1920
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8952756999489553&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729475533&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729475533083&bpp=9&bdt=2775&idt=820&shv=r20241014&mjsv=m202410160101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5147496092574&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759837%2C95343852%2C31087658%2C31087701%2C31088194%2C95341936%2C95344190%2C31088222&oid=2&pvsid=3995220145469182&tmod=165698229&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=848
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://letsdobookmark.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 01:52:14 GMT
expires
Mon, 21 Oct 2024 01:52:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F358
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8952756999489553&output=html&h=120&slotname=3858102341&adk=1830432468&adf=2665882539&pi=t.ma~as.3858102341&w=1336&abgtt=6&lmt=1729475533&rafmt=12&format=1336x120&url=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729475533092&bpp=2&bdt=2784&idt=862&shv=r20241014&mjsv=m202410160101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5147496092574&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759837%2C95343852%2C31087658%2C31087701%2C31088194%2C95341936%2C95344190%2C31088222&oid=2&pvsid=3995220145469182&tmod=165698229&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=875
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://letsdobookmark.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 01:52:14 GMT
expires
Mon, 21 Oct 2024 01:52:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-8952756999489553
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8952756999489553?href=https%3A%2F%2Fletsdobookmark.com%2Fstory%2Fms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e492b8ef0eaffdbe2bdec1bc4d72ea09fc6c95e8e2b5ae4bd3e83302c4d68d82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r3oowuxuMZkZkMbnlWs77A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:14 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XCce35tB5vAjl1vbjEraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJrqGZjHFxgAAHMQS1s"
content-security-policy
script-src 'report-sample' 'nonce-r3oowuxuMZkZkMbnlWs77A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R9ZvZfOinSGKHLE1b5ekaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://letsdobookmark.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4_zzazvYBD5snX-PScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmusZmMcXGAAAE9swKQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R9ZvZfOinSGKHLE1b5ekaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://letsdobookmark.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWeorcs5-4ODxxWxQNsN_-bNXsUe-3vapBuqF9z3C9BA1GWMG3aLPFhz4PXwc6Cv0jds-A0oUfQejRO4aufHXv8adgixSeXTOWWPOCpBFwxR6J59KDVlPDbAnulJxQaSvpDF-Tfyg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWeorcs5-4ODxxWxQNsN_-bNXsUe-3vapBuqF9z3C9BA1GWMG3aLPFhz4PXwc6Cv0jds-A0oUfQejRO4aufHXv8adgixSeXTOWWPOCpBFwxR6J59KDVlPDbAnulJxQaSvpDF-Tfyg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDc1NTM1LDM4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZXRzZG9ib29rbWFyay5jb20vc3RvcnkvbXMtZGhvbmktcy1teXN0ZXJpb3VzLW5ldy1yb2xlLXNlbmRzLWlwbC1mYW5zLWludG8tYS1mcmVuenkiLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec93af6d15afd75218c99e84a76ece7029a486e58eedf59f739a98f0df31eb90
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KshxKXepe15vJj558H2HiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:15 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XCcf35tB5vAiparTxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DMzjCwwAZNBLCQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KshxKXepe15vJj558H2HiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUjkzdbkeUaOrK4idBXJXS78DTO-hI8tRgiH-HGQgioH-gHzye-ShOG26pvmMWnkEsFsinhc8q17_2aPUCrQHeiQhURJD_QGIcKXG4iJvoke4ZhpFbFtz_kPdNYeCsGTbCzGJkW_Q==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUjkzdbkeUaOrK4idBXJXS78DTO-hI8tRgiH-HGQgioH-gHzye-ShOG26pvmMWnkEsFsinhc8q17_2aPUCrQHeiQhURJD_QGIcKXG4iJvoke4ZhpFbFtz_kPdNYeCsGTbCzGJkW_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDc1NTM1LDU3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbGV0c2RvYm9va21hcmsuY29tL3N0b3J5L21zLWRob25pLXMtbXlzdGVyaW91cy1uZXctcm9sZS1zZW5kcy1pcGwtZmFucy1pbnRvLWEtZnJlbnp5IixudWxsLFtbOCwiVHkwaGVNZnpYM3MiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60f5f8e81b2bc1fa641e3aa3175862fde8a44cc238499d1bf5c1d5fe87601b70
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-nxUtL-IVdxiSu2wBe5fHCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:15 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNeQYjhx6zbTBSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1hYgvt10hfUxEAvxcJx_fm0Hm0DD0t97mJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDADWuFAK"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-nxUtL-IVdxiSu2wBe5fHCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a1f3b15f040800408a1ffaa854ddc5582602c0bed29f128b4ccf2f01f9621bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12888
date
Mon, 21 Oct 2024 01:52:15 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.gif
letsdobookmark.com/assets/images/
39 KB
0
Other
General
Full URL
https://letsdobookmark.com/assets/images/favicon.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.16.136.248 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/story/ms-dhoni-s-mysterious-new-role-sends-ipl-fans-into-a-frenzy

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"f046-6461d076-bcd134d1b5684833;;;"
expires
Mon, 28 Oct 2024 01:52:15 GMT
accept-ranges
bytes
content-length
61510
date
Mon, 21 Oct 2024 01:52:15 GMT
content-type
image/gif
last-modified
Mon, 15 May 2023 06:25:58 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410160101/show_ads_impl_fy2021.js?bust=31088222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 01:52:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
semantic_.aspx
fundingchoicesmessages.google.com/f/AGSKWxV6S79FBTohx1z8ke-KDDu2pEWbEFGq-FXBP54mt5BtT47iAwiHQQY8fb72uBOhvZw50E72odgEfCEP1aZxS_SUTFRDGur1t_NF3M_P0IP7i5pMhwGX8DBPfiOScMvcCU_kt21tZNZTiaccgYr-hqKoVcYDn...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV6S79FBTohx1z8ke-KDDu2pEWbEFGq-FXBP54mt5BtT47iAwiHQQY8fb72uBOhvZw50E72odgEfCEP1aZxS_SUTFRDGur1t_NF3M_P0IP7i5pMhwGX8DBPfiOScMvcCU_kt21tZNZTiaccgYr-hqKoVcYDn2s9y81N0mtmXiipAcm5xvPmU73k5mIL/_/welcomeadredirect./ad/semantic_.aspx?ad=/dfp.js/ads3.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
a4391070d3792ab4f80baac897da6148c02aebaac26796863e4689ca497ac822
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mRQHfXKMibDp9BxoW230CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:16 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNOQYjhx6zbTBSA-73SH6ToQS3x9yaQBxE7pM1iDgLj15jnWqUCc9O88axEQu2tdZPUHYkOFS6yOIFx0idUTiFV7LrGaAvH9dZdYnwPx1z2XWP8C8d6Pl1iPAnGRxBXWJiC-3XSF9TEQC_FwXHh-bQebwIYvJy8zKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhia6hmYxxcYAADhglBf"
content-security-policy
script-src 'report-sample' 'nonce-mRQHfXKMibDp9BxoW230CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://letsdobookmark.com/

Response headers

content-encoding
br
etag
13036835877489095579
age
18440
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 20:44:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 20:44:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ugrxkQ91ZhVlQO2juEGwkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://letsdobookmark.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:52:16 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48LzazvYBG4s-X2ZUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmusZmMcXGAAAI08wWg"
content-security-policy
script-src 'report-sample' 'nonce-ugrxkQ91ZhVlQO2juEGwkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://letsdobookmark.com
content-length
0
x-xss-protection
0
server
ESF
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame EEF8
0
0

aframe
www.google.com/recaptcha/api2/ Frame 8835
0
0

AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxX1ox_7-KfOOwCoHMvvVim0Ej0p0Cguq-63V6rpT_GdBdF1_vlhCPfLEb-_WEkZ6nNFs82uS_zGGh4DwAY7XdGwiw7bBWWQVuOIiblu4XnlxyRMArx1DdGxyM-uEb1MfFPC3Nb1xw==
fundingchoicesmessages.google.com/f/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUuzX4z2dVBD9N-B_6ABZcVnTg8zR196lGnDlzryVh_I0EJ6S_PJPsCj90B5kWJCcw_J_kmB9yHb0wllBVtNRDwpty51WTHPCmwKzodTPDIpakQWodqj3v62BFCKxyYd3SwyQSxg==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxX1ox_7-KfOOwCoHMvvVim0Ej0p0Cguq-63V6rpT_GdBdF1_vlhCPfLEb-_WEkZ6nNFs82uS_zGGh4DwAY7XdGwiw7bBWWQVuOIiblu4XnlxyRMArx1DdGxyM-uEb1MfFPC3Nb1xw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDc1NTM2LDUyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sZXRzZG9ib29rbWFyay5jb20vc3RvcnkvbXMtZGhvbmktcy1teXN0ZXJpb3VzLW5ldy1yb2xlLXNlbmRzLWlwbC1mYW5zLWludG8tYS1mcmVuenkiLG51bGwsW1s4LCJUeTBoZU1melgzcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer object| adsbygoogle object| a2a object| a2a_config function| a2a_init function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init function| $ function| jQuery object| bootstrap function| formSubmit function| ajaxHit1 function| ajaxHit function| isUrlValid function| extractHostname function| toster object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDg5Mzg1ZDljZGMxMjJiYmxvYWRlcl9qcw== string| NDg5Mzg1ZDljZGMxMjJiYmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| google_empty_script_included boolean| 5a7dc6a6-6186-4a00-a7fe-f6d3bec01b2b

7 Cookies

Domain/Path Name / Value
letsdobookmark.com/ Name: ci_session
Value: 3qff4goap80m5n448uts2muu7di5glr5
.letsdobookmark.com/ Name: _ga
Value: GA1.1.580120465.1729475533
.letsdobookmark.com/ Name: _ga_R5JFYYBYHL
Value: GS1.1.1729475533.1.0.1729475533.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.letsdobookmark.com/ Name: __gads
Value: ID=c225b6ab56452329:T=1729475534:RT=1729475534:S=ALNI_MbMvOxHA1x3ubl7FIQrAissEHFmeA
.letsdobookmark.com/ Name: __gpi
Value: UID=00000db2dc4ea344:T=1729475534:RT=1729475534:S=ALNI_MYxwvgByQvN2gGqQcXQN8VYg5SHmQ
.letsdobookmark.com/ Name: __eoi
Value: ID=190ad315b6cc6acf:T=1729475534:RT=1729475534:S=AA-AfjZQRf5CXBJHBbkfBmfvMcd6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
letsdobookmark.com
pagead2.googlesyndication.com
stackpath.bootstrapcdn.com
static.addtoany.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
fundingchoicesmessages.google.com
tpc.googlesyndication.com
www.google.com
104.18.10.207
142.250.80.34
142.251.40.162
142.251.41.14
172.67.39.148
178.16.136.248
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::200e
2a02:4780:11:1374:0:1415:361d:5
04a5e2c749969cd28db8d8d651fb9e25112cc760812fc5b3b9ed207e7ff7d4ae
0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e
25413fa1055828a50c2935830d56b8237dc04c741336862cbe46632a1224af87
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
33dee2ef843e35863eeb403df2c8a27753e846518d1b448eed32e7d9426284e2
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3f0eb084c2010294c5d1b2007836453c3edc7d0d573dab73eda0b73c55e8b14b
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
5682bd372d5f2a3b632b94091c605274afd6984c00a48d557e2e924398167467
56b852372733999c028fa1cfb487cdabe252635cb6b280c1d597c4a07d292584
60f5f8e81b2bc1fa641e3aa3175862fde8a44cc238499d1bf5c1d5fe87601b70
7966f83cfcde5a78d1867b4e8939d831c624bbb9ae342fb43450dc7ba5b56d7c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c129fbf2304b6ce0f06985b2325720bf50a4e37d8e883f9c4f85b9b2b5806fb
7c261e579a28a2f8d77ad3a3c21b859dfbafe7d971a577e50d89d0be4c901902
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
888fb6de721fb6de5806e3fda71ef5ab647a7b14b1aa05832c96b6349b29fd6f
a1f3b15f040800408a1ffaa854ddc5582602c0bed29f128b4ccf2f01f9621bbf
a4391070d3792ab4f80baac897da6148c02aebaac26796863e4689ca497ac822
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382
d42117536826bc84cb0a1e05a32686d2f72324166eded07f97dfc10479541aa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492b8ef0eaffdbe2bdec1bc4d72ea09fc6c95e8e2b5ae4bd3e83302c4d68d82
ec93af6d15afd75218c99e84a76ece7029a486e58eedf59f739a98f0df31eb90
ee7a380c64974c2d1d72b88bcb43350cc85b66e623fa058aca7e2b59ff2596cb
ef63dfaba03fbd416679b693d4fccc959e1aba98db0059a4f2e378d4cc3c77b2
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99