urlscan.io logo urlscan.io
SecurityTrails logo

idmr500.shrewdies.net Open in urlscan Pro
172.67.165.146  Public Scan

Go To Rescan Add Verdict Report
URL: https://idmr500.shrewdies.net/
Submission: On August 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 28 HTTP transactions. The main IP is 172.67.165.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is idmr500.shrewdies.net.
TLS certificate: Issued by WE1 on August 7th 2024. Valid for: 3 months.
This is the only time idmr500.shrewdies.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.165.146 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 172.67.22.135 13335 (CLOUDFLAR...)
5 172.253.115.155 15169 (GOOGLE)
4 172.253.62.157 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
28 7
4    172.67.165.146 (United States)

ASN13335 (CLOUDFLARENET, US)
idmr500.shrewdies.net
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:10::6816:379f (United States)

ASN13335 (CLOUDFLARENET, US)
hypothes.is
5    172.67.22.135 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hypothes.is
hypothes.is
5    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
pagead2.googlesyndication.com
4    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
googleads.g.doubleclick.net
4    2607:f8b0:4004:c07::64 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
6 hypothes.is
hypothes.is — Cisco Umbrella Rank: 78966
cdn.hypothes.is — Cisco Umbrella Rank: 185849
70 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
304 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
74 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
4 shrewdies.net
idmr500.shrewdies.net
17 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
28 6
Domain Requested by
5 pagead2.googlesyndication.com idmr500.shrewdies.net
pagead2.googlesyndication.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 cdn.hypothes.is idmr500.shrewdies.net
hypothes.is
4 idmr500.shrewdies.net idmr500.shrewdies.net
2 hypothes.is 1 redirects cdn.hypothes.is
1 static.cloudflareinsights.com idmr500.shrewdies.net
28 7

This site contains links to these domains. Also see Links.

Domain
x.com
cse.google.com
Subject Issuer Validity Valid
idmr500.shrewdies.net
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
hypothes.is
E5		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://idmr500.shrewdies.net/
Frame ID: D1CC87EE71A8D44062642C0794D2E696
Requests: 23 HTTP requests in this frame

Frame: https://hypothes.is/app.html
Frame ID: 2BEACD581611CC46EB2C2842B1B1E5E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Frame ID: 8A9B37E219FAC7C2C072C29FC1D4491D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857169685716700&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723090589&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fidmr500.shrewdies.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~32_18~27_9~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723090588711&bpp=4&bdt=1149&idt=686&shv=r20240801&mjsv=m202408050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=763432798335&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95334526%2C95334829%2C95337869%2C95338227%2C31084184%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=278764507069765&tmod=2069702581&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=709
Frame ID: 6F8AA9A932B8D020960C2A052E6A6188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Frame ID: C066A638F49183AB63BD8924EC045044
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Frame ID: 2EC9BB8457CA1A4F108D416ECF3ED7E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

splintermeme

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

28
Requests

79 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

473 kB
Transfer

1415 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://hypothes.is/embed.js HTTP 302
  • https://cdn.hypothes.is/hypothesis

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
idmr500.shrewdies.net/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idmr500.shrewdies.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb6b334e2985d2d0c51bd29401ee2e50b13983749ff2358a1137893b1a33754
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8afcb0eb7edecb8a-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 08 Aug 2024 04:16:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRHM5hK5uSsLN10a4XNuMc6wR9TbRPm7iDXphcg9vvYkM2O%2FRpYGkxzBst6tEQYXyB0u71%2Fr9koSImKD5jyoAWyRM4OjZIgWxJ%2FNe9nyFwwc3xfk%2BE0Fva8NMJ1WelQSmrfoP4ENir8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
global.css
idmr500.shrewdies.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idmr500.shrewdies.net/css/global.css
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc706c7f55d6af6fc6e13fc65aa1afd4ca82441bfe246de423c018eaf624742
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9d8989c252d8a4fd797a29f16baeaf0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvLc%2FkJ%2BIvGpZCBnpDmei2QlLXkko7itu1ypLE6cPxkrYaCb%2BfQP79GzUDPAd3UbblR0wZSoLONPrdnARsGE8TqNZXkBafZR9c%2BV3VqgyFB0kbxV38ylxNxTucDtny8ENCQab7uaQcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2678400, must-revalidate
cf-ray
8afcb0ec8a25cb8a-LAX
priority
u=0,i=?0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://idmr500.shrewdies.net/
Origin
https://idmr500.shrewdies.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:27 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8afcb0ed88842eba-LAX
gg-cvl3Gf6-460.webp
idmr500.shrewdies.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idmr500.shrewdies.net/gg-cvl3Gf6-460.webp
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63981a45a5a4d3b48a63a3931ba0273cdec8c5e9432250ea31086bec1f0ddf99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9366
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"35f7175e6fc1ce644e42af2e603b5952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgZahoxySj2miTtsSfOjCXFCDvUqhvdiVQIGaIGOlZoDiO%2F5VBNlxHvSr6FSa2LKntRUkXfZrIjFUOGsLwYYBJjQnUrle%2FPcPuQDgxH2cyt0Yg3YNj10dhVJQrNm9QuayCmEut3QTNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400, must-revalidate
accept-ranges
bytes
cf-ray
8afcb0eeea93cb8a-LAX
priority
u=3,i
s.js
idmr500.shrewdies.net/cdn-cgi/zaraz/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idmr500.shrewdies.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyc3BsaW50ZXJtZW1lJTIyJTJDJTIyeCUyMiUzQTAuNTI3NjI3Nzc5NjgyMjU2NiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGaWRtcjUwMC5zaHJld2RpZXMubmV0JTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0E2MDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08009a78227822c16ff44d0fa4a4264d99947194bce15215dc4229f00bb904b

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://idmr500.shrewdies.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reGN7oGhuIgTZ%2BdMCOURTXJkFtYkBpEfj0fy1rwn091SRPr9umdtAoVQdqu%2BQuT71qvKUwnE7Hbn0Ff20l7u8PZuqmMIyI7FUlnXNQ9fwoNShNyETfRad%2FE08AVavENbgFuDnuJCGUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
x-robots-tag
none
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
priority
u=3,i=?0
cf-ray
8afcb0eefa9ccb8a-LAX
hypothesis
cdn.hypothes.is/
Redirect Chain
  • https://hypothes.is/embed.js
  • https://cdn.hypothes.is/hypothesis
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hypothes.is/hypothesis
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H3
Server
172.67.22.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd7e20cd4309a501feca559532469e30efeb8f8493c51a412a0402535e89054
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
VWP5RPJPYTK3F7M3
age
164
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FSdxAF1hCXNR3UqltHz60rPUHOMsuT34Bbw5kPgWdZxZcN+d7deejRc2D6WgBtW9MXvbUN02rWM=
last-modified
Mon, 05 Aug 2024 13:28:03 GMT
server
cloudflare
etag
W/"4669bca0dc69b569ed9bfeffa8f1315c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120, s-maxage=300, must-revalidate
cf-ray
8afcb0f24bc72b58-LAX

Redirect headers

date
Thu, 08 Aug 2024 04:16:28 GMT
content-security-policy
font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.googletagmanager.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
105
alt-svc
h3=":443"; ma=86400
content-length
202
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
cloudflare
vary
Cookie, Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cdn.hypothes.is/hypothesis
cache-control
public, max-age=1800
cf-ray
8afcb0f0eea97bef-LAX
expires
Thu, 08 Aug 2024 04:19:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857169685716700
Requested by
Host: idmr500.shrewdies.net
URL: https://idmr500.shrewdies.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
cdb6762cee9a014928385545028081bf9fd680676c9824ee90bff71fd3eab452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
Origin
https://idmr500.shrewdies.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53083
x-xss-protection
0
server
cafe
etag
12049349336463053418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Aug 2024 04:16:28 GMT
annotator.css
cdn.hypothes.is/hypothesis/1.1510.0/build/styles/ 		59 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hypothes.is/hypothesis/1.1510.0/build/styles/annotator.css?b9acfc
Requested by
Host: hypothes.is
URL: https://hypothes.is/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b120c250a1ee5ce6f1acf525ebd97cbdc353aa235b5dedca1f982577da531daa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
30P4KEJJA8SGFETB
age
225848
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
A2EjPT7+D3jJkY7uUzuNUXRLk0bYO0Ux0nu8q3/THhdDwVefG8lFwo5enBHb9pjgaUV18VFSX+sixI9+llWyFQqSx08BBJNbwRvHKu5qEnE=
last-modified
Mon, 05 Aug 2024 13:28:03 GMT
server
cloudflare
etag
W/"0d299948643749af4192b486ea5c87cf"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=315360000, immutable
cf-ray
8afcb0f2fc972b58-LAX
annotator.bundle.js
cdn.hypothes.is/hypothesis/1.1510.0/build/scripts/ 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hypothes.is/hypothesis/1.1510.0/build/scripts/annotator.bundle.js?9d758e
Requested by
Host: hypothes.is
URL: https://hypothes.is/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e967460ebb1f1ff3170d9809e6beb4a720979947cfb0c490c4f331dcc03e00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
30P9QR5MAQTEWEW9
age
225848
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VNat3guQn2ziGgPO0u3KfHw+Dp7VlFT5SKeWnghg1CKAedoBmzlifJJAnfSyWmh05OvIw2uYyg9J6zRaHMfk1w==
last-modified
Mon, 05 Aug 2024 13:28:02 GMT
server
cloudflare
etag
W/"48ff78915bee34766cbf687de5e8e8de"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000, immutable
cf-ray
8afcb0f2fc992b58-LAX
highlights.css
cdn.hypothes.is/hypothesis/1.1510.0/build/styles/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hypothes.is/hypothesis/1.1510.0/build/styles/highlights.css?6b4ebd
Requested by
Host: hypothes.is
URL: https://hypothes.is/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478b9c6162ec28a6f00259db41737370fb74e329add2e72d74846f1f56996f7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
30P1JW2E5F0AQW0P
age
225848
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fLm4rsQoxh1fYzm6LeztmKlKCYIeMOvYybbFcEPKjvUwBFt4yNsEtVe/umAC+hYFAdL3rJaynEG4Yf2JSAoX2rh2cysA1cEt+kKykF8/Gcc=
last-modified
Mon, 05 Aug 2024 13:28:02 GMT
server
cloudflare
etag
W/"abbe9400099959552fde7846bb3b5c1f"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=315360000, immutable
cf-ray
8afcb0f2fc9b2b58-LAX
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857169685716700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
4d8d6d30ca8e6b495417dc729c1bb9771d80a13057e305ff03291733b1b9aba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146364
x-xss-protection
0
server
cafe
etag
2314552583475530344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Aug 2024 04:16:28 GMT
app.html
hypothes.is/ Frame 2BEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hypothes.is/app.html
Requested by
Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.1510.0/build/scripts/annotator.bundle.js?9d758e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.hypothes.is; style-src https://cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://idmr500.shrewdies.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
206
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
8afcb0f59a067c2d-LAX
content-encoding
gzip
content-security-policy
script-src https://cdn.hypothes.is; style-src https://cdn.hypothes.is 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Thu, 08 Aug 2024 04:16:29 GMT
etag
W/"Us38DEevUN/Bx/Kprt7OIw"
expires
Thu, 08 Aug 2024 04:18:03 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/ Frame 8A9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
13401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 00:33:08 GMT
etag
2738592464165616
expires
Thu, 22 Aug 2024 00:33:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857169685716700&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723090589&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fidmr500.shrewdies.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~32_18~27_9~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723090588711&bpp=4&bdt=1149&idt=686&shv=r20240801&mjsv=m202408050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=763432798335&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95334526%2C95334829%2C95337869%2C95338227%2C31084184%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=278764507069765&tmod=2069702581&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=709
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
63940
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 04:16:30 GMT
expires
Thu, 08 Aug 2024 04:16:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ee818866a631870e5d91e582054c397bbfec0be3bc3423e5d804e37175acb05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58900
x-xss-protection
0
server
cafe
etag
9131725360640533057
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Aug 2024 04:16:30 GMT
ca-pub-4857169685716700
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4857169685716700?href=https%3A%2F%2Fidmr500.shrewdies.net&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c18ec9e7e64a0a67dd6646edf9019b26e90b15f8a0ab9714fd5a3a6e63707faa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8dLSjduCunm8-ZGmDCnG7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-8dLSjduCunm8-ZGmDCnG7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0AsxMMxv_fiVjaBBw09axmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDMz0DIziCwwApA1CGQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
AGSKWxV-meK1Q0avzWFsP7Vrir8ClRuDP-uO94VYiXeLSBc2-D1idUK4zoPkNeBwdmKCgcutog0Zq4fYkYvAxiHiHeI5ASz6RcYfGeQQbfY2IQwsKUINkPmjohdItQ29zVOvjS0wvrd6gA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV-meK1Q0avzWFsP7Vrir8ClRuDP-uO94VYiXeLSBc2-D1idUK4zoPkNeBwdmKCgcutog0Zq4fYkYvAxiHiHeI5ASz6RcYfGeQQbfY2IQwsKUINkPmjohdItQ29zVOvjS0wvrd6gA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMDkwNTkxLDc3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pZG1yNTAwLnNocmV3ZGllcy5uZXQvIixudWxsLFtbOCwiX0FJXzNGQS1JRHciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg4XSxudWxsLDEyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44351a0aaa3894d33bd32a5cd6ffad3730b92771bd59e6ec3e4f8dc508ca596e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UsW2XLrnya8rVHiPj9u8bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-UsW2XLrnya8rVHiPj9u8bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0AsxMMxv_fiVjaBExOXzGNW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwMDDTMzCKLzAAAKStQh0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/ Frame C066 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
13401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 00:33:08 GMT
etag
2738592464165616
expires
Thu, 22 Aug 2024 00:33:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/ Frame 2EC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240801/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
13401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Aug 2024 00:33:08 GMT
etag
2738592464165616
expires
Thu, 22 Aug 2024 00:33:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWRJYkG8ZKWYjYbjam8GKUst2d792BxBEfumCrU2G7_VZwq88RgmV0y2sHVxYDjJiXI63nySSFScNh6LcYgXdcJPrIjt8p3x97xScdHUTPG3_hUvAZipbFqJ8HcSPY013csCjafRw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRJYkG8ZKWYjYbjam8GKUst2d792BxBEfumCrU2G7_VZwq88RgmV0y2sHVxYDjJiXI63nySSFScNh6LcYgXdcJPrIjt8p3x97xScdHUTPG3_hUvAZipbFqJ8HcSPY013csCjafRw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMDkwNTkxLDk1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaWRtcjUwMC5zaHJld2RpZXMubmV0LyIsbnVsbCxbWzgsIl9BSV8zRkEtSUR3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OF0sbnVsbCwxMl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/am=Phg/d=1/rs=AJlcJMzPOKRQGDxwekI4N1e9rxCZI7CpDA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b103e46ba36d400c3caf78265e0cfa0e75f9ac5508ad6f6286988ebdf82971b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FJbU7mZKCdfs5xW8FHlpfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-FJbU7mZKCdfs5xW8FHlpfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmII1pBiUAzbyXTi1m2mC0B83ukO03Uglvj6kkkNiJ3SZ7AGALFP_QzWKCBuvXmOdTIQJ_07z1oAxO5aF1n9gXhJxEXWA4kXWQ0VLrHaA_H0-kus84F478dLrEeBWIibY0Hvxa1sAjMW_xVX0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwMDDTMzCKLzAAAC5-Qxc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ad-iframe
fundingchoicesmessages.google.com/f/AGSKWxVukhGzK8AaoMG1bddlc5NB-I6NbdGo4XtUM2sg714uK1QEJ5T17TrI1INMWKAUu629sW0-_jwyF14Qq5rMWj5oA4P8oge_FRePdBTP0uaTjrlEC-fH-aBwjfdQ3sd9Gc89Fv0fT__LEklZuHPYQnpu1XPTC... 		54 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVukhGzK8AaoMG1bddlc5NB-I6NbdGo4XtUM2sg714uK1QEJ5T17TrI1INMWKAUu629sW0-_jwyF14Qq5rMWj5oA4P8oge_FRePdBTP0uaTjrlEC-fH-aBwjfdQ3sd9Gc89Fv0fT__LEklZuHPYQnpu1XPTCGS_PhQaXr5WlpJlGl7cHTHvCQqKIiJL/_/leftad./ad-iframe?/ad-indicator-_160x300..adnigma.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw722AxF2pldMwnOPD84NaQklHqCA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1127fccd6b59e72bbbc4239c44eb1bf7364221578f0b55cdc769212e09d6f4a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aN8fMrwyteGd7mgykUjHiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aN8fMrwyteGd7mgykUjHiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQCzEw7Gg9-JWNoEfy5b0MCtpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYmOkZGMUXGAAAtoM9SQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._AI_3FA-IDw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw722AxF2pldMwnOPD84NaQklHqCA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e728d20d1f48e1f6b02689dbebdfbbeccc1e2af6ce33de2f185e1b5dfd9b436c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://idmr500.shrewdies.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 04:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53082
x-xss-protection
0
server
cafe
etag
7229929130755122750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Aug 2024 04:16:32 GMT
AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxWakViIKYXK-egqhqk0ZYgoBOrmIPG1cqVLBZvC960rzFlcxz84oBLUwUO2UoarbmarjIrQ3cs0iwoaTdfMDWvCLamHBruP7RWBKksb3iJD677Z6mTyjN1Ha5wy_R48dVSXGNE21A==
fundingchoicesmessages.google.com/f/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXL4KQzm_RZMLjslBrdcOiIUBpOfQ3Ry3oHWfBQZDkFUc3c9NvLa8YFWoGzhuIpkAyRvSJvGSr-EnCRcLzF0fDxJR4-uqWivn3gbItZsY-7gm9rrfeOZoPAqrqjwtaauEvNx2icVA==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxWakViIKYXK-egqhqk0ZYgoBOrmIPG1cqVLBZvC960rzFlcxz84oBLUwUO2UoarbmarjIrQ3cs0iwoaTdfMDWvCLamHBruP7RWBKksb3iJD677Z6mTyjN1Ha5wy_R48dVSXGNE21A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMDkwNTkyLDk2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pZG1yNTAwLnNocmV3ZGllcy5uZXQvIixudWxsLFtbOCwiX0FJXzNGQS1JRHciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg4XSxudWxsLDEyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| zarazData object| zaraz object| __cfBeacon object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| applyFocusVisiblePolyfill function| Hammer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjQ3NzAzZTYwMmJmNmYyOWxvYWRlcl9qcw== string| MjQ3NzAzZTYwMmJmNmYyOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag

5 Cookies

Domain/Path Name / Value
.shrewdies.net/ Name: cfz_mixpanel
Value: %7B%22loOo_a2d9ffe4a3924ba1fd68f509e70c045c%22%3A%7B%22v%22%3A%22%257B%2522distinct_id%2522%253A%2522c8d5c1c3-1171-49d8-a1bb-65caa841a024%2522%252C%2522%2524device_id%2522%253A%2522c8d5c1c3-1171-49d8-a1bb-65caa841a024%2522%252C%2522%2524initial_referrer%2522%253A%2522%2524direct%2522%252C%2522%2524initial_referring_domain%2522%253A%2522%2524direct%2522%257D%22%2C%22e%22%3A1754626587996%7D%7D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.shrewdies.net/ Name: __gads
Value: ID=7b91b8c1348ae4a8:T=1723090589:RT=1723090589:S=ALNI_MaGn8wagzsXK346Q50ugpvc5zw4Gg
.shrewdies.net/ Name: __gpi
Value: UID=00000ec81d038246:T=1723090589:RT=1723090589:S=ALNI_Mbf_FLpMjSrJlPmDeANqmhB5NBfRg
.shrewdies.net/ Name: __eoi
Value: ID=1756cf9d822ad12e:T=1723090589:RT=1723090589:S=AA-AfjY3cHDmSZqKVhs-sT0y4oDk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.hypothes.is
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hypothes.is
idmr500.shrewdies.net
pagead2.googlesyndication.com
static.cloudflareinsights.com
fundingchoicesmessages.google.com
172.253.115.155
172.253.62.157
172.67.165.146
172.67.22.135
2606:4700:10::6816:379f
2606:4700::6810:4f49
2607:f8b0:4004:c07::64
1127fccd6b59e72bbbc4239c44eb1bf7364221578f0b55cdc769212e09d6f4a6
3dc706c7f55d6af6fc6e13fc65aa1afd4ca82441bfe246de423c018eaf624742
44351a0aaa3894d33bd32a5cd6ffad3730b92771bd59e6ec3e4f8dc508ca596e
478b9c6162ec28a6f00259db41737370fb74e329add2e72d74846f1f56996f7e
4d8d6d30ca8e6b495417dc729c1bb9771d80a13057e305ff03291733b1b9aba5
63981a45a5a4d3b48a63a3931ba0273cdec8c5e9432250ea31086bec1f0ddf99
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cd7e20cd4309a501feca559532469e30efeb8f8493c51a412a0402535e89054
98e967460ebb1f1ff3170d9809e6beb4a720979947cfb0c490c4f331dcc03e00
b103e46ba36d400c3caf78265e0cfa0e75f9ac5508ad6f6286988ebdf82971b0
b120c250a1ee5ce6f1acf525ebd97cbdc353aa235b5dedca1f982577da531daa
bfb6b334e2985d2d0c51bd29401ee2e50b13983749ff2358a1137893b1a33754
c18ec9e7e64a0a67dd6646edf9019b26e90b15f8a0ab9714fd5a3a6e63707faa
cdb6762cee9a014928385545028081bf9fd680676c9824ee90bff71fd3eab452
d08009a78227822c16ff44d0fa4a4264d99947194bce15215dc4229f00bb904b
e728d20d1f48e1f6b02689dbebdfbbeccc1e2af6ce33de2f185e1b5dfd9b436c
ee818866a631870e5d91e582054c397bbfec0be3bc3423e5d804e37175acb05e