URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Submission: On February 18 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 185.141.63.184, located in Cyprus and belongs to BELCLOUD, BG. The main domain is rpisvr.edu.kh.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 30th 2021. Valid for: 3 months.
This is the only time rpisvr.edu.kh was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Earthlink (Telecommunication)

Domain & IP information

Apex Domain | Subdomains | Transfer
30 rpisvr.edu.kh | rpisvr.edu.kh; www.rpisvr.edu.kh | 214 KB
12 googlesyndication.com | 4ff2a616a60bd7056a7495c3e0e65dac.safeframe.googlesyndication.com; pagead2.googlesyndication.com — Cisco Umbrella Rank: 92; tpc.googlesyndication.com — Cisco Umbrella Rank: 120 | 81 KB
5 ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 346 | 111 KB
3 google.com | adservice.google.com — Cisco Umbrella Rank: 59; www.google.com — Cisco Umbrella Rank: 2 | 2 KB
3 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 | 133 KB
2 gstatic.com | fonts.gstatic.com | 32 KB
1 google.de | adservice.google.de — Cisco Umbrella Rank: 9027 | 792 B
1 googletagservices.com | www.googletagservices.com — Cisco Umbrella Rank: 146 | 27 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 Failed | 1 KB
56 9
Domain | Requested by
25 rpisvr.edu.kh (5 redirects) | rpisvr.edu.kh
6 tpc.googlesyndication.com | securepubads.g.doubleclick.net; tpc.googlesyndication.com; rpisvr.edu.kh
5 cdn.ampproject.org | securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com | securepubads.g.doubleclick.net; tpc.googlesyndication.com
5 www.rpisvr.edu.kh | rpisvr.edu.kh
3 securepubads.g.doubleclick.net | www.googletagservices.com; securepubads.g.doubleclick.net; rpisvr.edu.kh
2 fonts.gstatic.com | fonts.googleapis.com
2 www.google.com | tpc.googlesyndication.com; rpisvr.edu.kh
1 4ff2a616a60bd7056a7495c3e0e65dac.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 adservice.google.com | securepubads.g.doubleclick.net
1 adservice.google.de | securepubads.g.doubleclick.net
1 www.googletagservices.com | rpisvr.edu.kh
1 fonts.googleapis.com | rpisvr.edu.kh; securepubads.g.doubleclick.net
56 13

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
Subject | Issuer | Validity | Valid
rpisvr.edu.kh | cPanel, Inc. Certification Authority | 2021-12-30 - 2022-03-30 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google.de | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
*.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months

This page contains 6 frames:

Primary Page: https://rpisvr.edu.kh/Earthlink/myearthlink/
Frame ID: 13326F39564628C0F84B87F475273FB2
Requests: 26 HTTP requests in this frame

Frame: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Frame ID: 1FDBE17535DEE64AB9F479CACB3B30FC
Requests: 10 HTTP requests in this frame

Frame: https://4ff2a616a60bd7056a7495c3e0e65dac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D792A138C7DD4F919DF211202F8F61F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F262D7FD8F8AB4D447F1BD543B5F10E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FCF1D1B633CA1E3BD792521AD128E34
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: D5D83A10A97936690E16C6D6CEC4AEE0
Requests: 16 HTTP requests in this frame

Page Title

Web Mail

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 56
HTTPS: 86 %
IPv6: 83 %
Domains: 9
Subdomains: 13
IPs: 13
Countries: 3
Transfer: 600 kB
Size: 1492 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/ad-7.jpg HTTP 302
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/ad-7.jpg
Request Chain 21
  • https://rpisvr.edu.kh/wam/images/earthlink/email_errbox_RED.gif HTTP 302
  • https://www.rpisvr.edu.kh/kh/wam/images/earthlink/email_errbox_RED.gif
Request Chain 22
  • https://rpisvr.edu.kh/wam/images/earthlink/password_errbox_RED.gif HTTP 302
  • https://www.rpisvr.edu.kh/kh/wam/images/earthlink/password_errbox_RED.gif
Request Chain 23
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/social/facebook.png HTTP 302
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/facebook.png
Request Chain 24
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/social/twitter.png HTTP 302
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/twitter.png

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rpisvr.edu.kh/Earthlink/myearthlink/
18 KB
5 KB
Document
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
8c88088de8816a1fc11aef063f0157e3e4310e43ec52954cb83e144b519e6c5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
br
Content-Length
4816
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
bootstrap.min.css
rpisvr.edu.kh/Earthlink/myearthlink/angularMVC/bootstrap/3.3.7/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/angularMVC/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
9821018b92e56594f8d16ab4f72ed7fd38e20ca46c655fc20ef75f1f9a297894

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 16:50:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18133
style60f0aa.css
rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/
35 KB
7 KB
Stylesheet
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/style60f0aa.css?v=6.5.102.04062020
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
c305537b8be6fba438c520f8be49b76148c3d6b0994479ce04d1b42252751cb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 16:50:32 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7087
chit.webmail.css
rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/
447 B
486 B
Stylesheet
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/chit.webmail.css
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
f709cbbff351a282fad7e7b76ae15aaa674176e7ded538baa0568485d01c823c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 16:50:26 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
200
jquery-1.11.2.min.js
rpisvr.edu.kh/Earthlink/myearthlink/js/
94 KB
32 KB
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/js/jquery-1.11.2.min.js
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
3f6161799d56db007d69b97e95b6f5b71adfd5c04ab9851aba850725fcae7a80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:53:46 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
32461
bootstrap.min.js
rpisvr.edu.kh/Earthlink/myearthlink/angularMVC/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/angularMVC/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
a941775825a8d5ee649c24f957a8bef34abc129258ea436aa427b37ed61cbce9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:50:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9510
login4ede.js
rpisvr.edu.kh/Earthlink/myearthlink/js/
4 KB
2 KB
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/js/login4ede.js?v=6.5.102
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
15d74aad8e894bb52235df07600c0bd021df0bc18ccaac7051e1479b8e58a797

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:53:48 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1261
domains4ede.js
rpisvr.edu.kh/Earthlink/myearthlink/js/
3 KB
1 KB
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/js/domains4ede.js?v=6.5.102
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
523f90b79d6c75a67902c699d45fd5e80bca2c722697b94946a7f76de81a3cd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:53:40 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
848
scripts4ede.js
rpisvr.edu.kh/Earthlink/myearthlink/js/
15 KB
4 KB
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/js/scripts4ede.js?v=6.5.102
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
f3e555dff893a1170771035689f827f1cec322e0a2c97937757f6b5819b466b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:53:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3790
dropit4ede.js
rpisvr.edu.kh/Earthlink/myearthlink/js/
2 KB
843 B
Script
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/js/dropit4ede.js?v=6.5.102
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
0fa9ead2fa219271d1215459a5bca1ceb0ffd368d26a4092b380a28e63102172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Content-Encoding
br
Last-Modified
Wed, 27 Jan 2021 13:53:40 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
544
elnk_logo.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
11 KB
11 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/elnk_logo.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
b72865c6b577b87b4628d9923a04ac037ff3f0e4e63658394942965ec3c04b58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 21 Apr 2015 18:17:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10817
nav_google_2017_sm.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
27 KB
27 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/nav_google_2017_sm.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
25dba0315f17664357b238b8e2795bec1c01ad199d5ab6d52a83270b2f424529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Thu, 02 Feb 2017 21:12:28 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
27409
mag_button_smaller.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
4 KB
4 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/mag_button_smaller.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
7abf8fd346f413ae2fd27ef7d5fd95d0b72a4e15d6e7a59d5c4204cbde5c324e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 21 Apr 2015 21:17:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3589
home_icon.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
2 KB
2 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/home_icon.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
78bdafd7dce1a758f0bc1ca75ce4b0db0c6dd23687f9961fc1300720979d7375

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 21 Apr 2015 21:17:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2274
gear_icon.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
3 KB
3 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/gear_icon.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
db42be4b42f924f73a72a5878fa21f9a3e6d375715625ff30971f07f138deb94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 21 Apr 2015 21:17:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2629
elnk.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
21 KB
21 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/elnk.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
dc9592a16e3d45fb837781129d5046b2adb8fa309ae7a885863814fb9e12406a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 30 Jul 2019 21:27:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
21329
button-signin.gif
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
523 B
764 B
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/button-signin.gif
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
798f36bdc9ac97242d74cb741e54a88cb925bbc1b372a22fac4a2084f9e588cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Sun, 14 Mar 2021 14:40:52 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
523
ad-7.jpg
www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/
Redirect Chain
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/ad-7.jpg
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/ad-7.jpg
0
0
Image
General
Full URL
https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/ad-7.jpg
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location
http://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/ad-7.jpg
Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
0
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

blank.html
rpisvr.edu.kh/Earthlink/myearthlink/html/ Frame 1FDB
0
0

newNavBarH35.png
rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/
6 KB
7 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/earthlink/newNavBarH35.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
acf9973228c9c943c0852d24c3498b09866a91b30fe19cf3e5c613e32c0ab166

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Tue, 19 May 2015 23:28:42 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6609
email_errbox_RED.gif
www.rpisvr.edu.kh/kh/wam/images/earthlink/
Redirect Chain
  • https://rpisvr.edu.kh/wam/images/earthlink/email_errbox_RED.gif
  • https://www.rpisvr.edu.kh/kh/wam/images/earthlink/email_errbox_RED.gif
0
0
Image
General
Full URL
https://www.rpisvr.edu.kh/kh/wam/images/earthlink/email_errbox_RED.gif
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/style60f0aa.css?v=6.5.102.04062020
Protocol
HTTP/1.1
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location
http://www.rpisvr.edu.kh/kh/wam/images/earthlink/email_errbox_RED.gif
Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
0
Content-Type
text/html; charset=UTF-8
password_errbox_RED.gif
www.rpisvr.edu.kh/kh/wam/images/earthlink/
Redirect Chain
  • https://rpisvr.edu.kh/wam/images/earthlink/password_errbox_RED.gif
  • https://www.rpisvr.edu.kh/kh/wam/images/earthlink/password_errbox_RED.gif
0
0
Image
General
Full URL
https://www.rpisvr.edu.kh/kh/wam/images/earthlink/password_errbox_RED.gif
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/style60f0aa.css?v=6.5.102.04062020
Protocol
HTTP/1.1
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location
http://www.rpisvr.edu.kh/kh/wam/images/earthlink/password_errbox_RED.gif
Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
0
Content-Type
text/html; charset=UTF-8
facebook.png
www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/
Redirect Chain
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/social/facebook.png
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/facebook.png
0
0
Image
General
Full URL
https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/facebook.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/style60f0aa.css?v=6.5.102.04062020
Protocol
HTTP/1.1
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location
http://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/facebook.png
Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
0
Content-Type
text/html; charset=UTF-8
twitter.png
www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/
Redirect Chain
  • https://rpisvr.edu.kh/Earthlink/myearthlink/images/social/twitter.png
  • https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/twitter.png
0
0
Image
General
Full URL
https://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/twitter.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/style60f0aa.css?v=6.5.102.04062020
Protocol
HTTP/1.1
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location
http://www.rpisvr.edu.kh/kh/Earthlink/myearthlink/images/social/twitter.png
Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
0
Content-Type
text/html; charset=UTF-8
google_ad_login.html
rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/ Frame 1FDB
1 KB
787 B
Document
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
ced0c10408f0ed2705460f8241b7b06e599f23dc56eeaeb16fa3611363067959

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Server
Apache
Last-Modified
Sat, 10 May 2014 17:02:46 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
br
Content-Length
501
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html
bg-1.jpg
rpisvr.edu.kh/Earthlink/myearthlink/images/login/
56 KB
57 KB
Image
General
Full URL
https://rpisvr.edu.kh/Earthlink/myearthlink/images/login/bg-1.jpg
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.141.63.184 , Cyprus, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
Apache /
Resource Hash
e5bdda90560d74c1f1ab1ba5ad82df81dc00b3a85263c93d7c47b237a821dbe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/Earthlink/myearthlink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 18 Feb 2022 01:15:35 GMT
Last-Modified
Thu, 14 Jan 2021 20:00:32 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
57664
gpt.js
www.googletagservices.com/tag/js/ Frame 1FDB
82 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f64ec674a59748c7002faee223a2672455c9727928f751a069307755a3b4ad56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 01:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27522
x-xss-protection
0
server
sffe
etag
"1135 / 582 of 1000 / last-modified: 1645139127"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Feb 2022 01:15:35 GMT
pubads_impl_2022021401.js
securepubads.g.doubleclick.net/gpt/ Frame 1FDB
360 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.181.226, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe
Resource Hash
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 21:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123280
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 09:43:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Feb 2023 21:52:55 GMT
integrator.js
adservice.google.de/adsid/ Frame 1FDB
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rpisvr.edu.kh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 01:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1FDB
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rpisvr.edu.kh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 01:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1FDB
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269104918445383&correlator=2637118602088844&eid=31063378%2C44757100%2C31062930&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=9633201%2CELNK_Webmail_120x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&cookie_enabled=1&cdm=rpisvr.edu.kh&bc=31&abxe=1&dt=1645146936158&lmt=1399741366&dlt=1645146935853&idt=309&ea=0&frm=23&biw=1600&bih=1200&isw=120&ish=600&oid=2&adxs=1480&adys=129&adks=887437539&ucis=wi0wu9lbwrd4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Frpisvr.edu.kh%2FEarthlink%2Fmyearthlink%2Fbrand%2Fearthlink%2Fgoogle_ad_login.html&ref=https%3A%2F%2Frpisvr.edu.kh%2FEarthlink%2Fmyearthlink%2F&top=https%3A%2F%2Frpisvr.edu.kh%2FEarthlink%2Fmyearthlink%2F&vis=1&scr_x=0&scr_y=0&psz=120x600&msz=120x-1&ga_vid=966563468.1645146936&ga_sid=1645146936&ga_hid=487764438&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.181.226, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe
Resource Hash
daf5474a2b799d193aa3090a6cb6171dfee5bc21a15c0631157a77faa181488f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 01:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12171
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rpisvr.edu.kh
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4ff2a616a60bd7056a7495c3e0e65dac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D792
6 KB
4 KB
Document
General
Full URL
https://4ff2a616a60bd7056a7495c3e0e65dac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Feb 2022 01:15:36 GMT
expires
Sat, 18 Feb 2023 01:15:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1FDB
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe
Resource Hash
2185b595a3d382c282d625286ad8a4e9d357a03a4e65917df87282d2dbb46ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Feb 2022 01:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9825
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1FDB
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 01:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Feb 2022 01:15:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F262
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 19:51:25 GMT
expires
Fri, 17 Feb 2023 19:51:25 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
19451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3FCF
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
GSE
Resource Hash
2da44003064cea43c01786d930888a9829c242413905209d4aa0b9bfa0bb6add
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6xdZK5cC4qC6qjbYaLpohg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Feb 2022 01:15:36 GMT
date
Fri, 18 Feb 2022 01:15:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6xdZK5cC4qC6qjbYaLpohg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
pagead2.googlesyndication.com/bg/ Frame F262
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
142.250.181.226, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe
Resource Hash
939a53d0a6c752ede112df5e7d6da32739764ddfbf8b1e96e3190f5e334122ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
67712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13550
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Feb 2023 06:27:04 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame D5D8
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
286146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame D5D8
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
286146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame D5D8
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
286146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame D5D8
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
286146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame D5D8
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
286146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
css
fonts.googleapis.com/ Frame D5D8
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 00:51:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Feb 2022 01:15:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Feb 2022 01:15:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D5D8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
56038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Feb 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D5D8
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
55351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Feb 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame D5D8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUeWJ6S3H7VMUWVU9XJ3FVWcNiFR6Bto8CWaHQglYOouYU9WFHj97zRD1Lu0VlR-rpNZSJ
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D5D8
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDWuPOPMOYqLhDKex-gbk3oWwDYCvp5VfnZKcuZUMwfifrNgbEAEgl4n2FmCVgoCAsAegAajHh8sDyAEJqQJoo29KtA6zPuACAKgDAcgDCqoEpAJP0BF5NKBw3WVCjdCQoQw7kF-K4X0o79PsWzsx-LP66z9CFayutYfyTWBqt9lg4sL9Rx28xIGnb4Co1BPXWDRNb3FowCTrKjrWKNx8SVQ18DG7Mwbaqxe-NekEzgJywYSmk7-SrnXbYVI8m4-_6bWVrcZo0BaXrTE_9q1miZ9Txd-IBlSjeBaWdMo0lWkRqVzq-LZDcDpp0IjTzUwvQWNSDtlHE2PA_FeUJy7tW-2gdmCBFlWkgLbfvvgRNdG639wv0byhxMFZaHq6rNMPgqi_Yp-W4cMo-GKf6zVqL5ldSoR8HeRCaEeIWpQBf-XL0h6A6jxx94e0frIAyQP3BJZgEx2L0ql6m6fLu34CYy54bmnqy-tnvHfi1Tw9W4f9X2CjYZiMwASVocSAlQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHwLj4NKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKXsB9IICQiI4YBwEAEYHYAKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0wNzE5Nzk5MTI4MTQ2NzgxGMmYEw&sigh=eUcIN504z_I&uach_m=[UACH]&template_id=484
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 3FCF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=1269104918445383&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F262
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?K4GJ9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 01:15:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
2076313506083323656
tpc.googlesyndication.com/simgad/14604034591255871272/ Frame D5D8
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14604034591255871272/2076313506083323656
Requested by
Host: rpisvr.edu.kh
URL: https://rpisvr.edu.kh/Earthlink/myearthlink/brand/earthlink/google_ad_login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f02da6f0267acf6e1e25ded885b035e0112a8a1e95e7ef36d74e193d1e457d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:09:44 GMT
x-content-type-options
nosniff
age
241552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40515
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 08:59:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 06:09:44 GMT
truncated
/ Frame D5D8
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D5D8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
468b63f2021416b8f5b039a9f3cb0aa013fd1209d55ce265bc5df2008d5f8f05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D5D8
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rpisvr.edu.kh
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
191261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D5D8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rpisvr.edu.kh
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 11:22:37 GMT
x-content-type-options
nosniff
age
136379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 11:22:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FDB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=1269104918445383&bg=!5-Sl5KDNAAbf-5Dq3_s7ACkAdvg8WjEX7rR_QniGWveymbGqwFtkG3ekgkrPBqTOxJBqLvYgebiyoQIAAABmUgAAAAJoAQeZAtccGKFdMFWMroeNPpdbM9Lu0ZyrP3OoaY22rfYMIqwo0W6W-jB3LRz6Eafhwwte4yMWgdPjC9NATvLihw-8xjPaeu8iZpLH1BPSF7PKcAornU4D51aiWWlF_cZkfRU9Om4pID7OSE4deQmvDIxFVqGXwBPZm9CtMxQMy8JdS47WJ245E8xpQF-LbhQwzdYYe1_xDz77fnj3RbI0dgcLj7hzfmmnRhWN3mHTqVd7_8CxfLWYs9XRTOoz6jcm7K5QGo3ZQTbqYZj8EQA1kjw3XJKSetzYRpTgssJRZRZzvLrAuXEO4K52AZMwiJV1pJJtjeJYVgXqoGxWUFbvEq8L-JEdB1gZaKUIqviKts2JAH1kSBs8cOWKO49QKlfYttZNoYWa-1xax_j4hPeYIgDbIlApL_pTOkXm9-D44Jb0710z43O1d1DfKPZlzv7ep-sPFItt9ZhX2stkJUfB8vqGJtkmYh54P1nARKXySQhUvthsTKa3pMqHcY-JZC7YFQc3f37wDxU2xAubaO1ebzxhePJjABnzF-Ta3dffMm_kBFCQPQpKbc_ULKmYi53fetAYXMxAPEiPRUMwny8EvZRuhyKHykRgs1uTQJ4rxF4OzKQA_8mq7N99ugOl8TLqtL2w3uiRsd07u_xP61UN_UOrcx1MvcUpr3b32BCMWyhUbSMYr-dG1_Fh0KmkECYy7unl8XfBgdlTOMWiPctGCaqon1g1T6qXMYiWReEFpzcOh2QzMp4-Nr2QKMORooTjUooVswRIMQ2kl-Z-zEYbFRBZThlJrscJvEBPX4A03A927eKui2Bg3EZbfiK2qP5iQ5NhmIdrN-iEKywvC0l1mPQ7QJLCTDU2ii4kxLRNUvICeQUl2ZSX-h6WVefxc_wjlhGmahX4YKQaOtNi20bMzgn1bY9qKn_JFzKrsG2VuvBEckcYBi4T2LZ8PB1sfLnKFs7hAeTOCfuuCAoa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 01:15:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5D8
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHedV0lZxLhY9dSMDbfsnSU4Cabmi2_cy4akRnhNTSZAmtMCY0x_q4OWmjhhgFyrISNKU5xN88aHX3MCR9CFmP9suRCN7WZ3sbR2X9SMY_ui70GQm-rQ&sai=AMfl-YQR2iuUlRCqhe4jgnsfqPYxzqHvLLx0x3XGoCe31rE9RXT-DnEGcQW1_LhgnCjUkZoMiKLBLT5hskbTNoNU1J38YgcM66zCBFKFDM-T91mmplOCp-8-7_TRuIgtlMgm&sig=Cg0ArKJSzF3MzvjtI8z6EAE&cid=CAASPeRowbYhI7DwR7yUvpys4w-mmAfSQdw934tFqCH3DmG3gaMoANgzlFr3Ubbc3Ahf_Gr_hi_14nKiZAw7_ec&id=ampim&o=1480,129&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=182&tls=1182&g=100&h=100&tt=1182&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=887437539
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rpisvr.edu.kh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Feb 2022 01:15:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Hind:400,600,700
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Montserrat:400,%20700
Domain
rpisvr.edu.kh
URL
https://rpisvr.edu.kh/Earthlink/myearthlink/html/blank.html

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Earthlink (Telecommunication)

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone function| $ function| jQuery object| jQuery11120965382615704077 object| curDateTime number| tzoffset string| capsLockOnMsg string| maxLengthOver string| invalidCharacter object| validUnameList object| validAlphaNumList function| getit function| warnMessage function| clearWarn function| checkCapsLock function| checkInvalidChar function| hideInlineError function| loadFocus function| getCookieVal function| GetCookie function| DeleteCookie function| frameBreakout boolean| loggingIn function| checkLogin function| mapDomain function| rwmCheckLogin function| rwmMapDomain object| d object| hostMap boolean| allAllowed boolean| farmEnabled boolean| languageEnabled boolean| sslonly boolean| checkjs boolean| aiDomainCheck function| popup function| tapopup function| updateTabs function| closewin function| lTrim function| rTrim function| trim function| createRequest function| composeLoaded function| makeAsyncRequest function| join_objects function| expiresdate object| TREE2_TPL object| iconset_suspect object| iconset_spam object| iconset_sent_spam object| iconset_inbox object| iconset_sent object| iconset_drafts object| iconset_trash object| iconset_oldmail function| msgMoreActions function| msgActionsSelector function| msgAttachHandler function| basename function| statusMessage object| infoMsgRef object| errorMsgRef function| clearMsg function| createMethodReference function| aeaChangeSignature function| isNodeDescendentOfNode function| getScrollHeight function| getScrollXY function| getWindowSize function| sizePreviewIFrame string| agent number| is_ie5up number| browserOK boolean| richCapable function| constructUrl object| doOnLoad function| init function| adbannerReplace number| copyYear object| zone1DynamicPromoArr object| zone2DynamicPromoArr object| zone3DynamicPromoArr object| zone4DynamicPromoArr function| generateRandom number| elnk_Wam70_Promo1_Index number| elnk_Wam70_Promo2_Index number| arrLength number| elnk_Wam70_Img_Index 
object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

3 Cookies

Domain/Path Name / Value
www.rpisvr.edu.kh/ Name: ci_session
Value: 9d1806ad8ffdcb9484162f469db41b05bd434b46
.rpisvr.edu.kh/ Name: __gads
Value: ID=8bac9d2356c4c5fc-22e2462d47cd009f:T=1645146936:S=ALNI_Mb5I_RxwykZDcpwzkYpii_ZYwjrUw
.doubleclick.net/ Name: IDE
Value: AHWqTUlAdU3NVV39PoNLidjo1mx8x9ziFjWTJZ0mQitnvdQuSHQ19hvNHIk4oWm5GYM

3 Console Messages

Source Level URL
Text
security error URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Message:
Mixed Content: The page at 'https://rpisvr.edu.kh/Earthlink/myearthlink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Hind:400,600,700'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://rpisvr.edu.kh/Earthlink/myearthlink/
Message:
Mixed Content: The page at 'https://rpisvr.edu.kh/Earthlink/myearthlink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Montserrat:400,%20700'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their appearance in this report does not imply that any of them indicate malicious activity.
