7df5f.0gke.com Open in urlscan Pro
2606:4700:3037::6815:229c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://7df5f.0gke.com/
Effective URL:
https://7df5f.0gke.com/conn.php
Submission: On January 26 via api (January 26th 2024, 12:52:58 am UTC) from US — Scanned from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3037::6815:229c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 7df5f.0gke.com.
TLS certificate: Issued by E1 on January 25th 2024. Valid for: 3 months.

This is the only time 7df5f.0gke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:a285	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3037::6815:229c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.34.156.170 64.34.156.170	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
37	12

1 2606:4700:3035::ac43:a285 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

7df5f.0gke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::6815:229c (United States)

ASN13335 (CLOUDFLARENET, US)

7df5f.0gke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.34.156.170 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: hp350.servername.online

topnew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	228 KB
8	0gke.com 1 redirects 7df5f.0gke.com	49 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	84 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	47 KB
4	topnew.net topnew.net	36 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	172 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
0	googleadservices.com Failed www.googleadservices.com Failed
37	11

	Domain	Requested by
8	7df5f.0gke.com	1 redirects 7df5f.0gke.com
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	topnew.net pagead2.googlesyndication.com googleads.g.doubleclick.net
4	topnew.net	7df5f.0gke.com topnew.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	topnew.net googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fontawesome.com	topnew.net use.fontawesome.com
1	www.google.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	code.jquery.com	topnew.net
0	www.googleadservices.com Failed
37	13

This site contains no links.

Subject Issuer	Validity	Valid
0gke.com E1	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.topnew.net R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://7df5f.0gke.com/conn.php
Frame ID: 863EBBE130E175A0BD37B5D85A3491D3
Requests: 7 HTTP requests in this frame

Frame: https://topnew.net/sidu/news?cms=SIDU2023.0707
Frame ID: 167EA0CC6C09826CB0BC484AE29DEC89
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 90D937F7C4C3DB92FACAB2D11C1DB705
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1706230375&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706230374913&bpp=4&bdt=590&idt=267&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=2759168975&frm=22&ife=1&pv=2&ga_vid=505852699.1706230375&ga_sid=1706230375&ga_hid=1960381903&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080591%2C31080620%2C44795922%2C31080644%2C95322182%2C95320891%2C95321627%2C95322165%2C95323009&oid=2&pvsid=1957492181818943&tmod=1690167494&uas=0&nvt=1&top=https%3A%2F%2F7df5f.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.130zxusd7915&fsb=1&dtd=296
Frame ID: D6178CAD403BF6EBF307E63198611884
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 02CC59BBEB9FF351F645348BE76EB784
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 0509CEF0F276ED7876ECD42048C5624A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

- SIDU 2023.0707 Database Web GUI: MySQL + PostgreSQL + SQLite - topnew.net/sidu

Page URL History Show full URLs

http://7df5f.0gke.com/ HTTP 301
https://7df5f.0gke.com/ Page URL
https://7df5f.0gke.com/conn.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

714 kB
Transfer

1665 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://7df5f.0gke.com/ HTTP 301
https://7df5f.0gke.com/ Page URL
https://7df5f.0gke.com/conn.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://7df5f.0gke.com/ HTTP 301
https://7df5f.0gke.com/

Request Chain 32

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 33

https://googleads.g.doubleclick.net/pagead/adview?ai=CjPEFZwKzZdP7EZi7odAP9dqlwATrzJaKdPrywaSdEq-BuuPXAhABIKWd_QVgyYaAgNyjxBCgAerU_OgCyAEBqQILLI6NzzGyPqgDAcgDwwSqBN4BT9BQU8UDqdQMgh457R0FRf9lTA_OjbUqLq-7ndIT3rLC9AcPdmeei-OyjtkS-CYqoNuFqycGMdoQfTVNhyTdUWrqBeNLskGLZ_99hiLqwBYIqRTzJjlL6Fi1he_1zvAaNFKRB5mNXS21GUk7Bgn2ktdZ1iVP6123-L0UedxYHf0ZP4tR7zZShUgEew1JwwTaF13aWHdP3gVG9qE2S6jNAu3XcCWs4AAk8lSrxbC8N5bJh4eO__ucj3DwgwFjCyLsEMQQmdQ48X2CkVtt_kw6H-uqw_rzM1ho8vqw9uq9wASWm_KGugSIBbj1mfJMkgUECAQYAZIFBAgFGASgBmaAB_6qg5cBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrsoQ0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlim2LC76_mDA5oJiQJodHRwczovL3d3dy5zb25hcnNvdXJjZS5jb20vcHJvZHVjdHMvc29uYXJxdWJlL2Rvd25sb2Fkcy8_Z2Fkc19jYW1wYWlnbj1TUS1OQS1CcmFuZCZnYWRzX2FkX2dyb3VwPUxhbmd1YWdlcyZnYWRzX2tleXdvcmQ9c29uYXIlMjBqYXZhJmNxX3NyYz1nb29nbGVfYWRzJmNxX2NtcD0yMDY0MDU5NDYxNiZjcV9jb249MTUzMDIyNjY0MDg2JmNxX3Rlcm09c29uYXIlMjBqYXZhJmNxX21lZD0mY3FfcGxhYz10b3BuZXcubmV0JmNxX25ldD1kJmNxX3Bvcz0mY3FfcGx0PWdwgAoByAsB2gwQCgoQsPrXv-epn65OEgIBA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi01ODgyMDU3MTYxMzMzMjQ4GAA&sigh=nRsFvwqSOUs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf__dJ_FkjKde5XIArtxLA6yStE7Sv8a4rumTiphiL-0bRl5IrqHdDXsI24KGKQ1orSUusyd4cHtos2gnQ3v1tVm58MCwgkmQ2EqBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3799a18dbfdb8a770000000000000000%22,%222%22:%220x1c2744d38c4c0e500000000000000000%22,%223%22:%220x4dad0ca45b235b430000000000000000%22,%224%22:%220x87e08654f56fb0b20000000000000000%22,%225%22:%220x4d141177c34c75e40000000000000000%22},%22debug_key%22:%2215403770089168174796%22,%22debug_reporting%22:true,%22destination%22:%22https://sonarsource.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22757017194%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224175523771031962913%22}&andc=true

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
7df5f.0gke.com/
Redirect Chain

http://7df5f.0gke.com/
https://7df5f.0gke.com/

83 B
730 B

403ms
280ms

Document
text/html

2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.26

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84b4c6916e5b21b5-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 00:52:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcupbY%2F5LiUZaUFxRZrmrEyxG20zO92caf8hre8IgSaDMQ7s%2F%2FdJogdAnq9xwkgp1Ib6Ss2usIm3fvwsWoWr3CWG6X0VmESFdI2ssTn460SAot5DL4mbEKYhCQv3UAgxQ3HDtozUqe%2BwQypX2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.26
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 84b4c6901f5b127b-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 26 Jan 2024 00:52:51 GMT
Expires: Fri, 26 Jan 2024 01:52:51 GMT
Location: https://7df5f.0gke.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkLKd1e8iMiigJ84hbKJU8xlhZInOL8SuK2kwgvB0bLZb1XuSBeR4QLHWctON4AruzKiZ680tl4yzTOrcUbKlEBhc0dUFHIV2L4FfKZnvQ%2FYFRkvgY%2FpcMe5UsEbBTfi3DloVJTnIiGnGVsbig%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request conn.php Show response
7df5f.0gke.com/ 6 KB
2 KB 126ms
125ms Document
text/html 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/conn.php

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.26

Resource Hash

c8a5aa4ac89cccc9a198fcd46196dc8bc5a81df1dccf725f4900b50977809318

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://7df5f.0gke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84b4c693797221b5-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 00:52:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9rKOFghrNweAvswQBvVZsJ8TUmnnjqkqLdM8MwGh4oseAfXJZ%2B1EgakNaL8e21M%2BMpI4KxSNxVrCBqEzhQ9gczx6lh%2FMM%2BYjSxJNkepjKx1nG%2FUXP2%2BmSEcdluhNtbHmVU%2FUxTz9EiILxmMcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.26
x-turbo-charged-by: LiteSpeed

GET
H3 200 sidu.css
7df5f.0gke.com/ 8 KB
3 KB 221ms
219ms Stylesheet
text/css 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/sidu.css

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1a8e36e2f728e3ec06613825e3589852b748505e5b91bed32c6b7e61f67633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7df5f.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHjb0CfgOALmDQtfsTaXmjQzei6xM76nGpVquFy1Qjvb2Wy%2FVyFC9QiT35dnTzWTH9gU1C9jBpWzFxWJdWndq3a%2BeVCl1R1k1pklNcpLOawm%2FOGqIEsVfX6%2FgzMaBOwaFnUIsj7QGzHs9XX8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84b4c6966a251287-MIA
expires: Fri, 02 Feb 2024 00:52:53 GMT

GET
H3 200 jquery-3.6.3.min.js Show response
7df5f.0gke.com/ 88 KB
32 KB 283ms
281ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/jquery-3.6.3.min.js

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7df5f.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 13:03:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzQ%2BDrkco9ALIxhZ4dQ2M89sGxyiQrVEIUMC0QC57vYRG7qQq3Gb58%2F7tatWS9NL%2BQIaaaHjrOdxCH%2BT0V6WXHUnHelW0roRopPUt%2BEs4ILn7DnMJmrkDvoKrE60IZDhR9bc81QT9qEz%2F8RhtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84b4c6966a271287-MIA

GET
H3 200 login-enc.js Show response
7df5f.0gke.com/ 5 KB
3 KB 225ms
223ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/login-enc.js

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447145e39169829f17b64bf235f99d522f3e84a8c17698195559f79f3b509ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7df5f.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQpVKN%2FY%2Bj9Uwd7eWJK4SgmNkcibRj87AfVnR6ILcCztxFTags%2F%2Bv6TsUYm8NE88m%2BtbNW1nQpF6rf%2FwzwDr3CwCiuSem%2BRpZslVUKcPeejJkjDEipQ1pWo38BNzf6YaBlQcFNO6uTQJ54WS2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84b4c6966a281287-MIA

GET
H3 200 login-md5.js Show response
7df5f.0gke.com/ 10 KB
4 KB 239ms
238ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/login-md5.js

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bcc31a554cece72f420a38e5b06cb04be1beba32aed255c70c12a24cdfb5087

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7df5f.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTlk1wjHg6Ju5JRRVYrUY%2B68FY0p%2FKR8jdwGLFpVAJJ0trpwgfpIvDHQ2HexR7rQBGSV78TseZaXkUcS6bM3tH7C%2FI2tc2PfPbeo6J4xnafmEojNuBQm0d9zSGirRYdJ41ZJNwvOqc0V7lXxyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84b4c6966a291287-MIA

GET
H3 200 sidu.js Show response
7df5f.0gke.com/ 12 KB
4 KB 240ms
240ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7df5f.0gke.com/sidu.js

Requested by

Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7beb0fd3e45262a6edff993d3052c12de9db668d9928f4e9c76d318d4a17e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7df5f.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 17:37:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqJUysLJia6560gQ9fwQ06SsynQdptjDOR0Uy1BmlKHEKlCs2LeMNCc8Q7yEJa%2B518L3HhzKJRTNz5Ch04pmEFF81ayliVaCZu8VqulDx2gFSyUyYGnhyVR6Xskp1PQhENwUh767eYb2O18HTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84b4c6966a2a1287-MIA

GET
H2 200 news Show response
topnew.net/sidu/ Frame 167E 8 KB
3 KB 926ms
645ms Document
text/html 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Requested by: Host: 7df5f.0gke.com
URL: https://7df5f.0gke.com/conn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: abaef50143ab2ef71f6b85d1434cc0c93b7db63104dfc9697c848e055cf1cb22

Request headers

Referer: https://7df5f.0gke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 3127
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 00:52:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 css
fonts.googleapis.com/ Frame 167E 2 KB
795 B 214ms
78ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 00:48:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 00:52:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 167E 1 KB
579 B 216ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e8f6c52a5d1d59d3f77c9e5ea4d743304e9ece8760286465f0a1979b2640a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 00:50:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 00:52:54 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.1/css/ Frame 167E 98 KB
21 KB 120ms
45ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2242262
etag: W/"6386fb409d4a2abc96eee7be8f6d4cc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJxKOV4LjFpzAHZNUkbxCsOlP9YCjYLwJTdjRk9Zu0PnXX4NiEdQ216R9D2YZRAPmaxGkyUaIyKL0l%2FBZ8c38rWpruqpVshLTWp7bYi4nT%2BfL5nDVevBaKKw18DIq%2BvfQsxWA9cb9TxP3otyjZyvL6Cf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 84b4c6a01cbf74b8-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2023.css
topnew.net/css/ Frame 167E 32 KB
9 KB 86ms
84ms Stylesheet
text/css 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/css/2023.css
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 1517b67ea313a267f9be4ac603480cc57ec64e8065bfa587d4e14868d6c62600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 07:38:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 8864

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 167E 87 KB
30 KB 104ms
33ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5627758
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mia-kmia1760084-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706230374.415053,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22, 72487

GET
H2 200 2023.js Show response
topnew.net/css/ Frame 167E 6 KB
2 KB 84ms
83ms Script
application/javascript 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/css/2023.js
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 29019d6efffcd98de5cc1f51e3620743a226ec86c07b3c763fa5e2b4d47ad00c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 07:04:42 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2424

GET
H2 200 sidu0.png
topnew.net/img/sidu/ Frame 167E 22 KB
22 KB 165ms
164ms Image
image/png 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://topnew.net/img/sidu/sidu0.png
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 1533d1355e93924739f7c9f399d7de298f9bef4a3d4cec411b332ecb4a325c34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
last-modified: Sat, 25 Feb 2017 01:53:32 GMT
server: Apache
accept-ranges: bytes
content-length: 22071
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 167E 149 KB
51 KB 246ms
107ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0462277913df46e1d4537212e34d39cf92d36aea555827e59a67af98de87cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51422
x-xss-protection: 0
server: cafe
etag: 4307594574299897741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 00:52:54 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ Frame 167E 25 KB
26 KB 207ms
67ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://topnew.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:08:02 GMT
x-content-type-options: nosniff
age: 560692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:08:02 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.1.1/webfonts/ Frame 167E 151 KB
151 KB 289ms
186ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

Referer: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Origin: https://topnew.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "55b416a8df21f9f987aa352f10d1343b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm7%2Fl4pJhO5Emz%2FFxRMOyqEPRqAW%2FpFnAJQ9UiFVyt9IVgbZydtgCEW2Z3h%2Fye%2FJdRtlQhFOcdxn372belJlkDwbqOdGBp3t0skFn82dm%2F4D251oIYOXoKsmFnLPSXgJTOOMo1jIpgikL%2Fm82S4h7oK6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84b4c6a1da39747f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 154228

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ Frame 167E 405 KB
138 KB 127ms
123ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080644

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7d078c277af5c39ce6932f9e1f7eea186082f538c0e29dd8af18ab034a8a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140712
x-xss-protection: 0
server: cafe
etag: 5652510513689348689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:52:54 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 90D9 9 KB
5 KB 219ms
67ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 31067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 16:15:08 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 16:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D617 129 KB
42 KB 772ms
770ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1706230375&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706230374913&bpp=4&bdt=590&idt=267&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=2759168975&frm=22&ife=1&pv=2&ga_vid=505852699.1706230375&ga_sid=1706230375&ga_hid=1960381903&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080591%2C31080620%2C44795922%2C31080644%2C95322182%2C95320891%2C95321627%2C95322165%2C95323009&oid=2&pvsid=1957492181818943&tmod=1690167494&uas=0&nvt=1&top=https%3A%2F%2F7df5f.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.130zxusd7915&fsb=1&dtd=296

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7dcca83d428ebb879371d3bd680a359ca21caa2b22579a576d5247f99baa92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 00:52:55 GMT
expires: Fri, 26 Jan 2024 00:52:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame D617 9 KB
4 KB 205ms
64ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1706230375&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706230374913&bpp=4&bdt=590&idt=267&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=2759168975&frm=22&ife=1&pv=2&ga_vid=505852699.1706230375&ga_sid=1706230375&ga_hid=1960381903&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080591%2C31080620%2C44795922%2C31080644%2C95322182%2C95320891%2C95321627%2C95322165%2C95323009&oid=2&pvsid=1957492181818943&tmod=1690167494&uas=0&nvt=1&top=https%3A%2F%2F7df5f.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.130zxusd7915&fsb=1&dtd=296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 02:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 02:16:03 GMT

GET
H2 200 61a2be12b9460dda231d04ba33c3b95f.js Show response
www.gstatic.com/mysidia/ Frame D617 11 KB
5 KB 207ms
66ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/61a2be12b9460dda231d04ba33c3b95f.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d945ff79208e52415786f5193e989f9c32d2a31cc70dd18d38806887ce4935be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 02:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 02:54:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D617 14 KB
1 KB 80ms
79ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 00:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 00:34:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 00:52:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D617 2 KB
902 B 67ms
65ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:00:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D617 23 KB
9 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:54:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D617 3 KB
1 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D617 20 KB
9 KB 205ms
65ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:54:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D617 205 KB
65 KB 248ms
92ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:52:56 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame D617 37 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 01:25:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02CC 143 B
166 B 63ms
63ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1706230375&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706230374913&bpp=4&bdt=590&idt=267&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=2759168975&frm=22&ife=1&pv=2&ga_vid=505852699.1706230375&ga_sid=1706230375&ga_hid=1960381903&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080591%2C31080620%2C44795922%2C31080644%2C95322182%2C95320891%2C95321627%2C95322165%2C95323009&oid=2&pvsid=1957492181818943&tmod=1690167494&uas=0&nvt=1&top=https%3A%2F%2F7df5f.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.130zxusd7915&fsb=1&dtd=296
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 00:23:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D617 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b19a895c1025e73cd968a365200bd68f2e9322cd20b64deab6778423a6212bd9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D617 33 KB
33 KB 65ms
65ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:08 GMT
x-content-type-options: nosniff
age: 560208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:16:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02CC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

412ms
411ms

Document
text/html

2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 00:52:57 GMT
expires: Fri, 26 Jan 2024 00:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 00:52:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

/
www.googleadservices.com/pagead/ar-adview/ Frame D617
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjPEFZwKzZdP7EZi7odAP9dqlwATrzJaKdPrywaSdEq-BuuPXAhABIKWd_QVgyYaAgNyjxBCgAerU_OgCyAEBqQILLI6NzzGyPqgDAcgDwwSqBN4BT9BQU8UDqdQMgh457R0FRf9lTA_OjbU...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3799a18dbfdb8a770000000000000000%22,%222%22:%220x1c2744d38c4c0e500000000000000000%22,%223%22:%220x4dad0c...

0
0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 167E 4 KB
0 227ms
99ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js?bust=31080644

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12307
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0509 50 KB
19 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 560381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:13:16 GMT

OPTIONS /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3799a18dbfdb8a770000000000000000%22,%222%22:%220x1c2744d38c4c0e500000000000000000%22,%223%22:%220x4dad0ca45b235b430000000000000000%22,%224%22:%220x87e08654f56fb0b20000000000000000%22,%225%22:%220x4d141177c34c75e40000000000000000%22},%22debug_key%22:%2215403770089168174796%22,%22debug_reporting%22:true,%22destination%22:%22https://sonarsource.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22757017194%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224175523771031962913%22}&andc=true

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3799a18dbfdb8a770000000000000000%22,%222%22:%220x1c2744d38c4c0e500000000000000000%22,%223%22:%220x4dad0ca45b235b430000000000000000%22,%224%22:%220x87e08654f56fb0b20000000000000000%22,%225%22:%220x4d141177c34c75e40000000000000000%22},%22debug_key%22:%2215403770089168174796%22,%22debug_reporting%22:true,%22destination%22:%22https://sonarsource.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22757017194%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224175523771031962913%22}&andc=true

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			7df5f.0gke.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: q10qigb76fe2snsbcsh4sde62q
			.doubleclick.net/	1970-01-20 17:57:11	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7df5f.0gke.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
topnew.net
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.googleadservices.com
2606:4700:3035::ac43:a285
2606:4700:3037::6815:229c
2606:4700:e2::ac40:8d0d
2607:f8b0:4006:809::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2a04:4e42:400::649
64.34.156.170
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
1517b67ea313a267f9be4ac603480cc57ec64e8065bfa587d4e14868d6c62600
1533d1355e93924739f7c9f399d7de298f9bef4a3d4cec411b332ecb4a325c34
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
29019d6efffcd98de5cc1f51e3620743a226ec86c07b3c763fa5e2b4d47ad00c
2bcc31a554cece72f420a38e5b06cb04be1beba32aed255c70c12a24cdfb5087
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d1a8e36e2f728e3ec06613825e3589852b748505e5b91bed32c6b7e61f67633
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
447145e39169829f17b64bf235f99d522f3e84a8c17698195559f79f3b509ae5
4e8f6c52a5d1d59d3f77c9e5ea4d743304e9ece8760286465f0a1979b2640a7c
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5c7beb0fd3e45262a6edff993d3052c12de9db668d9928f4e9c76d318d4a17e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
aa7d078c277af5c39ce6932f9e1f7eea186082f538c0e29dd8af18ab034a8a5e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaef50143ab2ef71f6b85d1434cc0c93b7db63104dfc9697c848e055cf1cb22
b19a895c1025e73cd968a365200bd68f2e9322cd20b64deab6778423a6212bd9
c0462277913df46e1d4537212e34d39cf92d36aea555827e59a67af98de87cea
c7dcca83d428ebb879371d3bd680a359ca21caa2b22579a576d5247f99baa92f
c8a5aa4ac89cccc9a198fcd46196dc8bc5a81df1dccf725f4900b50977809318
d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
d945ff79208e52415786f5193e989f9c32d2a31cc70dd18d38806887ce4935be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

7df5f.0gke.com Open in urlscan Pro 2606:4700:3037::6815:229c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

92 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

714 kBTransfer

1665 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

7df5f.0gke.com Open in urlscan Pro
2606:4700:3037::6815:229c Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

714 kB
Transfer

1665 kB
Size

2
Cookies

37 HTTP transactions
1 data transactions