pt.yulk.me Open in urlscan Pro
172.66.0.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://yulk.me/
Effective URL:
https://pt.yulk.me/
Submission: On October 18 via api (October 18th 2024, 5:30:45 am UTC) from IN — Scanned from CA

Summary HTTP 39 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 8 domains to perform 39 HTTP transactions. The main IP is 172.66.0.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.yulk.me.
TLS certificate: Issued by E5 on September 5th 2024. Valid for: 3 months.

This is the only time pt.yulk.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	172.66.0.96 172.66.0.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	64.233.180.154 64.233.180.154	15169 (GOOGLE) (GOOGLE)
8	108.139.38.191 108.139.38.191	16509 (AMAZON-02) (AMAZON-02)
2	142.251.163.147 142.251.163.147	15169 (GOOGLE) (GOOGLE)
1	209.85.232.97 209.85.232.97	15169 (GOOGLE) (GOOGLE)
1	172.217.197.94 172.217.197.94	15169 (GOOGLE) (GOOGLE)
3	172.217.197.156 172.217.197.156	15169 (GOOGLE) (GOOGLE)
1	173.194.175.102 173.194.175.102	15169 (GOOGLE) (GOOGLE)
14	172.217.197.138 172.217.197.138	15169 (GOOGLE) (GOOGLE)
2	173.194.175.132 173.194.175.132	15169 (GOOGLE) (GOOGLE)
39	11

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

yulk.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.96 (United States)

ASN13335 (CLOUDFLARENET, US)

pt.yulk.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.233.180.154 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.139.38.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-191.jfk50.r.cloudfront.net

d29gj98dwc2jpk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.197.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.102 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.197.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f138.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.175.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	76 KB
8	cloudfront.net d29gj98dwc2jpk.cloudfront.net	361 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	227 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
2	yulk.me 1 redirects yulk.me pt.yulk.me	6 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	gstatic.com www.gstatic.com	216 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	105 KB
39	8

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	d29gj98dwc2jpk.cloudfront.net	pt.yulk.me d29gj98dwc2jpk.cloudfront.net
5	pagead2.googlesyndication.com	pt.yulk.me pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	pt.yulk.me tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	pt.yulk.me
1	pt.yulk.me
1	yulk.me	1 redirects
39	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.flaticon.com
fontawesome.com

Subject Issuer	Validity	Valid
pt.yulk.me E5	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://pt.yulk.me/
Frame ID: C04DE879FC6D20A6AD1CA05D4E7CB8AD
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: C9E3EF94D529735ADC47B2896C17EE1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801830112391521&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729229440&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpt.yulk.me%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729229441198&bpp=89&bdt=248&idt=252&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5246985168054&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42533203%2C42532523%2C95344189%2C95345270&oid=2&pvsid=1639346715218265&tmod=757770819&uas=0&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: 960001F202E4EFD18B3183356AB17828
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801830112391521&output=html&h=280&slotname=8756072709&adk=1267771760&adf=1839787983&pi=t.ma~as.8756072709&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1729229440&rafmt=1&format=1110x280&url=https%3A%2F%2Fpt.yulk.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729229441288&bpp=40&bdt=338&idt=201&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5246985168054&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42533203%2C42532523%2C95344189%2C95345270&oid=2&pvsid=1639346715218265&tmod=757770819&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=209
Frame ID: 5F01A74711038EB458549DB076BEF224
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: B3043822BF0DF95273E9BACDE8A5C182
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C3702823B09D73E1D4909F64081F771
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yulk - Feito para você encontrar

Page URL History Show full URLs

https://yulk.me/ HTTP 302
https://pt.yulk.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

39
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

11
IPs

1
Countries

991 kB
Transfer

2675 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ptyulkme/

Search URL Search Domain Scan URL

URL: https://twitter.com/ptyulkme

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3nFdtTsKPWPnr23yaH-aXA

Search URL Search Domain Scan URL

URL: https://www.flaticon.com/
Title: Flaticon

Search URL Search Domain Scan URL

URL: https://fontawesome.com/
Title: Fonte Awesome

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://yulk.me/ HTTP 302
https://pt.yulk.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
pt.yulk.me/
Redirect Chain

https://yulk.me/
https://pt.yulk.me/

19 KB
6 KB

277ms
99ms

Document
text/html

172.66.0.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.yulk.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5ab1f3e3ad9be8291115207bd85f759fca14886b709746fb6ad6e07e54da7372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: MISS
cf-ray: 8d4623455f43abdc-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 18 Oct 2024 05:30:40 GMT
last-modified: Fri, 18 Oct 2024 05:30:40 GMT
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-do-app-origin: 7bae44cc-5c50-4df3-bba3-5a207a0bab24
x-do-orig-status: 200
x-powered-by: PHP/7.4.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 18 Oct 2024 05:30:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://pt.yulk.me
pragma: no-cache
server: Google Frontend
x-cloud-trace-context: e8c842ab7e18864b8573f4fed830153d
x-powered-by: PHP/7.4.33

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 156ms
71ms Script
text/javascript 64.233.180.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3801830112391521

Requested by

Host: pt.yulk.me
URL: https://pt.yulk.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f154.1e100.net

Software

cafe /

Resource Hash

eb96eb80d24a0c1c85dcec9c4517eb948e8958ad5ebfe3f66729e473c76c94d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: br
etag: 18034949582526564336
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:30:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53299
x-xss-protection: 0
server: cafe

GET
H2 200 jquery-3.5.1.min.js Show response
d29gj98dwc2jpk.cloudfront.net/assets/js/ 87 KB
30 KB 298ms
141ms Script
application/javascript 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/assets/js/jquery-3.5.1.min.js
Requested by: Host: pt.yulk.me
URL: https://pt.yulk.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

x-amz-cf-pop: JFK50-P2
cache-control: max-age=31536000
content-encoding: br
etag: W/"9ac39dc31635a363e377eda0f6fbe03f"
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: b4Bh6o2s0mzXpFaoflXXw6YBBTedfgr0Ltrp_s8JkdCGLsTK68ooSA==
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 21 Aug 2022 01:50:32 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 150ms
59ms Script
text/javascript 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: pt.yulk.me
URL: https://pt.yulk.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

ESF /

Resource Hash

667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:30:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 18 Oct 2024 05:30:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
105 KB 172ms
62ms Script
application/javascript 209.85.232.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XCNHZM6QEV

Requested by

Host: pt.yulk.me
URL: https://pt.yulk.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

783f373dab5a8d8c22ec672b68dcbcf32af01d0f65b5fc1fe17e2c40584512c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 18 Oct 2024 05:30:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106983
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 popper.min.js Show response
d29gj98dwc2jpk.cloudfront.net/assets/js/ 21 KB
7 KB 43ms
40ms Script
application/javascript 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/assets/js/popper.min.js
Requested by: Host: pt.yulk.me
URL: https://pt.yulk.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 999832c54857ca93b05ad3e5116a49fc77b2b50be987cdea23558d4cd1e897d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

x-amz-cf-pop: JFK50-P2
cache-control: max-age=31536000
content-encoding: br
etag: W/"2514ff0dbf342d8c605b41d0f68cc60d"
age: 28703267
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 8MZ45LkDClvkhFYB7FDj1DttnkSi0MTi_hxlozQouNwe4Q1rEK9dZw==
date: Tue, 21 Nov 2023 00:22:55 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 21 Aug 2022 02:09:35 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 bootstrap.min.js Show response
d29gj98dwc2jpk.cloudfront.net/assets/js/ 59 KB
14 KB 105ms
103ms Script
application/javascript 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/assets/js/bootstrap.min.js
Requested by: Host: pt.yulk.me
URL: https://pt.yulk.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35af7c74478e50e12b60f848f8aee3db99ebc592b95d13f8d1398e134b8a0214

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

x-amz-cf-pop: JFK50-P2
cache-control: max-age=31536000
content-encoding: br
etag: W/"452d101ba13fc09c830695dbd4304b5e"
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 3D6OmDj55BW_LJduQyzGoAK999zAKvrYuxuX3_jchhzoWQgstRFHJA==
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 21 Aug 2022 02:13:38 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 bootstrap.min.css
d29gj98dwc2jpk.cloudfront.net/assets/css/ 208 KB
32 KB 110ms
108ms Stylesheet
text/css 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/assets/css/bootstrap.min.css
Requested by: Host: pt.yulk.me
URL: https://pt.yulk.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24d978cc22f25715234680b33c31f30482a4088d1cc1fe8bf4f7c4690e826465

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

x-amz-cf-pop: JFK50-P2
cache-control: max-age=31536000
content-encoding: br
etag: W/"ad13a3c0e8034bcb4e2610f146e4bf83"
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: -40buStbtchGwYeA3-VMyyDNoKSs9GeJszr8VBb0mKvTfIat0XufAA==
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 27 May 2021 14:24:09 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 all.css
d29gj98dwc2jpk.cloudfront.net/fontawesome/css/ 136 KB
21 KB 47ms
45ms Stylesheet
text/css 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/css/all.css
Requested by: Host: pt.yulk.me
URL: https://pt.yulk.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39ba548f24975068a891f529480a9e49ea3d139bf6845e4cda5e696930d93201

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

x-amz-cf-pop: JFK50-P2
cache-control: max-age=31536000
content-encoding: br
etag: W/"59e626fe99d31dfded1e674a4089e0c8"
age: 28703328
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: -Rn-dYB7w44LwVV01o3C9cpx2zcMseAho5N2LMGdGktFAJaDX4TbCA==
date: Tue, 21 Nov 2023 00:21:54 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Sat, 20 Aug 2022 22:30:00 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 422 KB
141 KB 82ms
81ms Script
text/javascript 64.233.180.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3801830112391521

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f154.1e100.net

Software

cafe /

Resource Hash

73177344d64ce991277771a3eef38d030e4bcd7f0083e57c5ff6c52402a785ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: br
etag: 8246247723478703733
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:30:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 143854
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
0 0ms
0ms Script
text/javascript 64.233.180.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3801830112391521

Requested by

Host: pt.yulk.me
URL: https://pt.yulk.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f154.1e100.net

Software

cafe /

Resource Hash

eb96eb80d24a0c1c85dcec9c4517eb948e8958ad5ebfe3f66729e473c76c94d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pt.yulk.me
Referer: https://pt.yulk.me/

Response headers

content-encoding: br
etag: 18034949582526564336
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:30:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53299
x-xss-protection: 0
server: cafe

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 131ms
48ms Script
text/javascript 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pt.yulk.me
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
age: 272647
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 01:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 01:46:34 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
d29gj98dwc2jpk.cloudfront.net/fontawesome/webfonts/ 151 KB
152 KB 111ms
38ms Font
binary/octet-stream 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: d29gj98dwc2jpk.cloudfront.net
URL: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pt.yulk.me
Referer: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/css/all.css

Response headers

etag: "be4dccbe54eea47a0ad5d7bb60a3c17d"
age: 66853
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: fbHzxuj9nmLtzyIelklELbUzMYUTbERkUmFEKDQ_HcKO5busojCBcw==
date: Thu, 17 Oct 2024 10:56:29 GMT
content-type: binary/octet-stream
last-modified: Sun, 21 Aug 2022 00:09:05 GMT
cache-control: max-age=31536000
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 154840
x-amz-cf-pop: JFK50-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fa-brands-400.woff2
d29gj98dwc2jpk.cloudfront.net/fontawesome/webfonts/ 103 KB
103 KB 112ms
39ms Font
binary/octet-stream 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: d29gj98dwc2jpk.cloudfront.net
URL: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pt.yulk.me
Referer: https://d29gj98dwc2jpk.cloudfront.net/fontawesome/css/all.css

Response headers

etag: "5531dd3a7705ec68a6c5f5d02b25da6f"
age: 28703267
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Vh2nqaR1RyUyPxmuoZi3hD8ycsR3ugN1ScDtWcHd8RqeckMnIZ_kVg==
date: Tue, 21 Nov 2023 00:22:55 GMT
content-type: binary/octet-stream
last-modified: Sun, 21 Aug 2022 00:09:01 GMT
cache-control: max-age=31536000
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105112
x-amz-cf-pop: JFK50-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame C9E3 0
0 147ms
49ms Document
text/html 172.217.197.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.yulk.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 59992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 12:50:49 GMT
etag: 13108003645644964576
expires: Thu, 31 Oct 2024 12:50:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9600 0
0 210ms
124ms Document
text/html 172.217.197.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801830112391521&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729229440&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpt.yulk.me%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729229441198&bpp=89&bdt=248&idt=252&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5246985168054&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42533203%2C42532523%2C95344189%2C95345270&oid=2&pvsid=1639346715218265&tmod=757770819&uas=0&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.yulk.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 955
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 05:30:41 GMT
expires: Fri, 18 Oct 2024 05:30:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5F01 0
0 254ms
196ms Document
text/html 172.217.197.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801830112391521&output=html&h=280&slotname=8756072709&adk=1267771760&adf=1839787983&pi=t.ma~as.8756072709&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1729229440&rafmt=1&format=1110x280&url=https%3A%2F%2Fpt.yulk.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729229441288&bpp=40&bdt=338&idt=201&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5246985168054&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42533203%2C42532523%2C95344189%2C95345270&oid=2&pvsid=1639346715218265&tmod=757770819&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.yulk.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 05:30:41 GMT
expires: Fri, 18 Oct 2024 05:30:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 164ms
52ms Fetch
text/plain 173.194.175.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XCNHZM6QEV&gtm=45je4ah0v884196056za200&_p=1729229441282&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101686685~101823847&cid=973076161.1729229442&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729229441&sct=1&seg=0&dl=https%3A%2F%2Fpt.yulk.me%2F&dt=Yulk%20-%20Feito%20para%20voc%C3%AA%20encontrar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1160
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCNHZM6QEV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.175.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qs-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pt.yulk.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ca-pub-3801830112391521 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 239ms
72ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3801830112391521?href=https%3A%2F%2Fpt.yulk.me&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

fdbbef6201c424d5c19547b1dbd23d120f506d20338f0a565d276e2698d5cb62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ja7tiHsZ0A-A32vkZP7Yow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:41 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XA0Pj2-g03gRN-DLcxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhqZ6BubxBQYASApKmA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ja7tiHsZ0A-A32vkZP7Yow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 191ms
91ms XHR
text/html 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMx-kEBojdBO-rePMeTec-RoFL__BA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nZaVaNSEX85YBRXkYH0vbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIibo-np8R1sAjs-nM5QcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBoZmegZm8QUGAMzNL4M"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nZaVaNSEX85YBRXkYH0vbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWXizdbSUxFKiqPPiwoHTjeYkl3ppvNprKVkCuXH1MXNE3M3xlKEpf5vVkKBS4A0NhGp8QleEnDihMqKeXjbiOwO5xzS7ZzqAB7Fd5hzMlCMWSi0bCRCfc2OnhwUiepfZbiD6B7Dg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 73ms
71ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWXizdbSUxFKiqPPiwoHTjeYkl3ppvNprKVkCuXH1MXNE3M3xlKEpf5vVkKBS4A0NhGp8QleEnDihMqKeXjbiOwO5xzS7ZzqAB7Fd5hzMlCMWSi0bCRCfc2OnhwUiepfZbiD6B7Dg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjI5NDQyLDExOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wdC55dWxrLm1lLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sMTYsMTFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

7ec359934f6f4f00d3b5f0d1300c9a8662056bfafa52a56b9cf2d632bfd55a03

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hYODhiJud22330IIx8oyVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXM0PT2-g01gx8xt_koaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgaGpnoG5vEFBgDvakn9"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hYODhiJud22330IIx8oyVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 147ms
64ms XHR
application/json 64.233.180.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f154.1e100.net

Software

cafe /

Resource Hash

1f080a467aa9087c91e4fd68aeb9814ba7ca801f0eee95eb4f754b04f5c962e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13174
date: Fri, 18 Oct 2024 05:30:42 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon-32x32.png
d29gj98dwc2jpk.cloudfront.net/images/ 1 KB
2 KB 39ms
39ms Other
image/png 108.139.38.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29gj98dwc2jpk.cloudfront.net/images/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-191.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecf05caa36be4d0595036c8d16d3ed698ca5162e030d099b687988aab8f925d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

cache-control: max-age=31536000
etag: "165d2819aa063c9e5adda1ee2a0002ad"
age: 70747
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1401
x-amz-cf-id: 3xBY-O80SHBMZfN7amVn9m2cIY-92s2GQl6oaBGwdmGWRLH8AYDejw==
date: Thu, 17 Oct 2024 09:51:36 GMT
content-type: image/png
last-modified: Sat, 22 May 2021 21:11:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 156ms
51ms Script
text/javascript 173.194.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f132.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:30:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame B304 0
0 144ms
50ms Document
text/html 173.194.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.yulk.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 04:57:47 GMT
expires: Fri, 18 Oct 2024 05:47:47 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9C37 0
0 138ms
57ms Document
text/html 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cITNuNIjTJDkvoK_Qgo0WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.yulk.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cITNuNIjTJDkvoK_Qgo0WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 05:30:42 GMT
expires: Fri, 18 Oct 2024 05:30:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fl. Show response
fundingchoicesmessages.google.com/f/AGSKWxUXNQibUCTajTLh-O0GBfPDEdAq9ut_e1RRPAint9dxeTZaU_7C6rSsa3x7DoIcuEFD2WlnGoYPt8E1nlob0cLjO20_Cju0yRdhR-yrciOJocfmb6IdBH5pq5s3J7DmjUyzLCT0RYwVG0z8yuAwZIFuUUcjg... 54 B
109 B 96ms
95ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUXNQibUCTajTLh-O0GBfPDEdAq9ut_e1RRPAint9dxeTZaU_7C6rSsa3x7DoIcuEFD2WlnGoYPt8E1nlob0cLjO20_Cju0yRdhR-yrciOJocfmb6IdBH5pq5s3J7DmjUyzLCT0RYwVG0z8yuAwZIFuUUcjgoZ-64XQeDONu0777pFvl3c9S2sTdhAo/_/cont-adv./nb/avanti./xwords./ad-right2./delivery/fl.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxUPD0xmZnYVZPX03o5ddtfCFBSgg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

0434a1f08b43acfbc2dcefe599423d8ac28122ca4bc596910d26b30dbcbf2db3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l7pgbHl8SNSUuf3Q7nyWPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XA0PT2-g01gwqLr55iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE31DMzjCwwAO7ZKeQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l7pgbHl8SNSUuf3Q7nyWPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 44ms
43ms Script
text/javascript 64.233.180.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f154.1e100.net

Software

cafe /

Resource Hash

369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: br
etag: 16970699533094014674
age: 208
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 06:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 18 Oct 2024 05:27:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15115
x-xss-protection: 0
server: cafe

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0LbohpJntXrbh1zAGWZ6-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo-np8R1sAhv-zN3PrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDADv5i-y"
content-security-policy: script-src 'report-sample' 'nonce-0LbohpJntXrbh1zAGWZ6-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BHPrS3H3Kd_BedaGP75IDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:42 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw15BiWMS_i8kpfQZrEBC7a11k9Qfir3susf4F4r0fL7EeBWIhHo6mp8d3sAnsOPbxOrOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MDTTMzCLLzAAAK-4MV4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BHPrS3H3Kd_BedaGP75IDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RBHSeyvMgxgwuwQ1FFiz6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIibo_np8R1sAh0LzwsouSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA0MzPQOz-AIDAJLTLrQ"
content-security-policy: script-src 'report-sample' 'nonce-RBHSeyvMgxgwuwQ1FFiz6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1QSbRGbo2GotcsQYiKxvKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIibo_np8R1sAjN2bpFXcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBoZmegZm8QUGAJiJLss"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1QSbRGbo2GotcsQYiKxvKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxW4k235XOMxvlSgm7A0Dwz-f4Rn4i89cN8ZnHwIotjgr1C9Uz9fy0YiKqm9vJFqcrEEsvd3GNeHWLtt_EKj6V715bVUwd7v0Q9-_JMLbswSHD3VaDOMnuVOutjMy3swTXJVTeVycw== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 72ms
72ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4k235XOMxvlSgm7A0Dwz-f4Rn4i89cN8ZnHwIotjgr1C9Uz9fy0YiKqm9vJFqcrEEsvd3GNeHWLtt_EKj6V715bVUwd7v0Q9-_JMLbswSHD3VaDOMnuVOutjMy3swTXJVTeVycw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjI5NDQzLDMwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDZdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3B0Lnl1bGsubWUvIixudWxsLFtbOCwiVHkwaGVNZnpYM3MiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSwxNiwxMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

bf1ed397343d681926c1e9cadde3e5fd7a9c40482c35b10e3eb5dc82ece6b37d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kxqn3CaVEYLzH6R_pfw70w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXM0Pz2-g02go-eImJJGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoYGhqZ6BeXyBAQDaM0mR"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kxqn3CaVEYLzH6R_pfw70w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pRgg1hByfLqBoxUzyEyxxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIibo_np8R1sAheuvTVVcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBoZmegZm8QUGAMlzL3Q"
content-security-policy: script-src 'report-sample' 'nonce-pRgg1hByfLqBoxUzyEyxxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVSN6oIpu7wrCP77BN-u1KBcKhSYNiKm6ClNDCA9-KsxQfU5T6jRoKsok977hd9vItuhyj-V4ys-LR2ODh0YskvORHxyBNKa6FAMnHEN3IdX4QokGxb7DGegzI2YjwZAXyma8kSFg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 79ms
78ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVSN6oIpu7wrCP77BN-u1KBcKhSYNiKm6ClNDCA9-KsxQfU5T6jRoKsok977hd9vItuhyj-V4ys-LR2ODh0YskvORHxyBNKa6FAMnHEN3IdX4QokGxb7DGegzI2YjwZAXyma8kSFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjI5NDQzLDgwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wdC55dWxrLm1lLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sMTYsMTFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

93eaaebbae7a7275adfc5638074c6ee4184f4128315cd08d0b3514ed9c302681

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xVysOFsG3VBaAGHE2M_zmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXM0Pz2-g03gx6lZdkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgaGpnoG5vEFBgD2uEo6"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xVysOFsG3VBaAGHE2M_zmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXYlBMLSmMrtw3cMNkhPnLF7B80lFgJ4DGH7G4GCWP9O7Zfk5xngj98-yya2oIDsQD7J7mYMZil2a_opgSQfXWj4i2k8Mhmbl7_xcamm0w634iAiCX_gSQzumZkv6k2QnZhBp4EYw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYlBMLSmMrtw3cMNkhPnLF7B80lFgJ4DGH7G4GCWP9O7Zfk5xngj98-yya2oIDsQD7J7mYMZil2a_opgSQfXWj4i2k8Mhmbl7_xcamm0w634iAiCX_gSQzumZkv6k2QnZhBp4EYw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MjI5NDQzLDE2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wdC55dWxrLm1lLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sMTYsMTFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

51ee1a70f12a5f81c9517ad1343613693d88c3fdf0b87f38c15a01dba4ec6351

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w8bv76z0RZFjCgZG2ZLvkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pt.yulk.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXM0Pz2-g03gwa4NyUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgaGpnoG5vEFBgD3lkpK"
content-security-policy: script-src 'report-sample' 'nonce-w8bv76z0RZFjCgZG2ZLvkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV9TA93aNCc6Ff3t-nkyjiuMoJWLXkas2W4SuDggwamfeHeh0ARVXR6Up-uDyTuormw4FcjHsaZ-0YlfC5TvUPHo5mkrtWI0w1GDykYoBqYndzdjRWTwgHUmAhFWo2Ye4f7iy1mqw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 62ms
61ms XHR
text/html 172.217.197.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9TA93aNCc6Ff3t-nkyjiuMoJWLXkas2W4SuDggwamfeHeh0ARVXR6Up-uDyTuormw4FcjHsaZ-0YlfC5TvUPHo5mkrtWI0w1GDykYoBqYndzdjRWTwgHUmAhFWo2Ye4f7iy1mqw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WQFAey8-PSphr6mC2nvRUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo_np8R1sAjt-L2hmVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgaGZnoGZvEFBgDdei92"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WQFAey8-PSphr6mC2nvRUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPmINk0lK11zIlES91zZmhHAshRB0j4ZwCh0h3IS2ohP-3qzoOAVYycsGwHEyDH9Qnzog_bRRdjcq9Gkdcy5cTW_VJGYqWhvMTA52riN00m1JgAJfQHosu37WE7FLfRdEaFC-bvQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TXfjiOgNVznrGQx147Sp-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://pt.yulk.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 05:30:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHo_np8R1sAjeubJ_IqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MzfQMzOILDADney-X"
content-security-policy: script-src 'report-sample' 'nonce-TXfjiOgNVznrGQx147Sp-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://pt.yulk.me
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=1639346715218265&bg=!V1SlVBvNAAaUWUsktFk7ADQBe5WfODLQqkfX5ypm6pMBhmzOeZAAWTeCZl3JGCyB7opglwRVwZ8kir8C-ERIhzNoiEZSAgAAAFVSAAAAAmgBB34ANpkKKQnauUkD9SmiVW7sagXWsAYqNbnFJQV87f8ZLS2BQxtI4wJw5ngW-CBX85DIni19BlVMsgoAiA6sdrSfiV2ZML00-9F8eg0X4BRwh5GH_Gefh06bbKTr6TBNFHBN4pk8O3wtWM5fxOOo1iQnKTDddHUCBwTr-oO_6M2mZlN8YA1t0BueS5N6dkR1WdklmS5vetk3xGev8BapejtolsIBn5quWglbLfGldg4QjEamZ0YODIILlR8I9ed0kKGDjxCZAoMx58a5dY7KzzENxRW_n-qWtq2-Nwj9y14CUa_-kvrpLTEUDSUzvo6Y-Cn40OwTaG2NCAHUubp6hdWqAtYY0M5vVNpmPe8xp3ltPFPJ7dqqIfYEqlw9nCkW5Yu8MCbDa80yhn5ysQRMkwQ-IFxrEyiwmAxAl71Tz-p6AAG05_W9dufJXaVquGXy_nREv5NpBFPWv1i9DG1vw3EcEFwFumTPiBv3Jj7mUBr_QjCg17NkV92YGNQwj2TqZ2JAcAtB_w_5J30amX4XNhCn5OgP9qA94cOZlkU00M8OPcHPn6ffpvnBXw-HeTutLM10kP1KwDzw4OyTvfdUmGAZbu2eJ6UADI2uGxsd4Hu0b-sebq6xQz3Odx6dtH6pPgZZ5I9AoH35Ei0W8ePPWg5MWhmwrDv8fCgcZoLepdeuv3inBsWYgCKr1URJSYf5R9OLHZZHQNbDzPotutFB8c_LuANVfnJCEe7TyDS2sfgpa3u0qdI2j7gK2SXic13DzpHsLrDYeLo99XOGSA45e8xMa0jdV50o5_2QTcdfGEWoRTosnd6eVhL5gzwgrqTRyh918KqaPHdg2PBQPx0NNeIbY0CdL988K24q8WQI9UUbM1qwxJjr0J0mweJj27sD6vqQ6A820UioRAD5OtAITQmd1sZO7OHXUVuepdyw7mZO4TUJCm8NgfoJRNJvSyQyk3MKcGVPzyfZfomBNBRkZoNgibWqtRVS917AjnlYt_Jhdi6dm-Qm3acGbb5k_oB7bMBUm4XTtJ7gQ92IsZRiEbkAiOE79DW1fUx_4H289Ixf0V9uKF3NkjcMm_zT3vCyP0Tzr-XuFY19ajeaFk4f12his_eMpY4i4a0Q

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yulk.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: to6bdmm1k3jne8hu0c5r6k0gbg
.pt.yulk.me/	1970-01-21 00:20:31	Name: __cf_bm Value: XOjhyizjuDLIhZZma.ktK8AlvGciOa5D70s7C0I6Yq4-1729229440-1.0.1.1-eB8RaqUdeCXRr1E7oiLTQLrfg7Yp0z.x1fxC.D159XlCj5cy_XOnflxcfHG8kpnlzoIK_xbbVqKfeXNugY8FuA
.yulk.me/	1970-01-21 09:56:29	Name: _ga_XCNHZM6QEV Value: GS1.1.1729229441.1.0.1729229441.0.0.0
.yulk.me/	1970-01-21 09:56:29	Name: _ga Value: GA1.1.973076161.1729229442
.doubleclick.net/	1970-01-21 00:20:30	Name: test_cookie Value: CheckForPermission
.yulk.me/	1970-01-21 09:42:05	Name: __gads Value: ID=ac3c994f401e73fe:T=1729229441:RT=1729229441:S=ALNI_MbJzDTQ87-9TGFYdMcoqUcjQQ_MgA
.yulk.me/	1970-01-21 09:42:05	Name: __gpi Value: UID=00000f2b6b5e6f2b:T=1729229441:RT=1729229441:S=ALNI_MaxS8Ke_hd3TGmkwWF1tueaywOQvQ
.yulk.me/	1970-01-21 04:39:41	Name: __eoi Value: ID=235d3d254a25d349:T=1729229441:RT=1729229441:S=AA-AfjY2GjnzyPWXVYOg3j5T3Y3o
.yulk.me/	1970-01-21 09:06:05	Name: FCNEC Value: %5B%5B%22AKsRol_XTiD6ABxlOT8srWLrXiwhH6DL6TRKV2TSk7MTdyNvlL1l33SOsb8rQyQ4aLzbj670G-38rIHhAUZkz9Hcf5oj9HzwkoCtMLLnb5cvRKqjzgHoDzjSgJNSEr1-bCRQP97RCFY2NaLklweu9vF2Rm21WCimpQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d29gj98dwc2jpk.cloudfront.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pt.yulk.me
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
yulk.me
pagead2.googlesyndication.com
108.139.38.191
142.251.163.147
172.217.197.138
172.217.197.156
172.217.197.94
172.66.0.96
173.194.175.102
173.194.175.132
209.85.232.97
216.239.34.21
64.233.180.154
0434a1f08b43acfbc2dcefe599423d8ac28122ca4bc596910d26b30dbcbf2db3
1f080a467aa9087c91e4fd68aeb9814ba7ca801f0eee95eb4f754b04f5c962e1
24d978cc22f25715234680b33c31f30482a4088d1cc1fe8bf4f7c4690e826465
35af7c74478e50e12b60f848f8aee3db99ebc592b95d13f8d1398e134b8a0214
369b0c21906fdd75d4370af92e7f46c9b494a3f7b8c0bde8ef47aaf480a73145
39ba548f24975068a891f529480a9e49ea3d139bf6845e4cda5e696930d93201
51ee1a70f12a5f81c9517ad1343613693d88c3fdf0b87f38c15a01dba4ec6351
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb
5ab1f3e3ad9be8291115207bd85f759fca14886b709746fb6ad6e07e54da7372
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4
73177344d64ce991277771a3eef38d030e4bcd7f0083e57c5ff6c52402a785ed
783f373dab5a8d8c22ec672b68dcbcf32af01d0f65b5fc1fe17e2c40584512c8
7ec359934f6f4f00d3b5f0d1300c9a8662056bfafa52a56b9cf2d632bfd55a03
93eaaebbae7a7275adfc5638074c6ee4184f4128315cd08d0b3514ed9c302681
967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6
999832c54857ca93b05ad3e5116a49fc77b2b50be987cdea23558d4cd1e897d2
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
bf1ed397343d681926c1e9cadde3e5fd7a9c40482c35b10e3eb5dc82ece6b37d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb96eb80d24a0c1c85dcec9c4517eb948e8958ad5ebfe3f66729e473c76c94d7
ecf05caa36be4d0595036c8d16d3ed698ca5162e030d099b687988aab8f925d1
fdbbef6201c424d5c19547b1dbd23d120f506d20338f0a565d276e2698d5cb62
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

pt.yulk.me Open in urlscan Pro 172.66.0.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

0 %IPv6

8 Domains

11 Subdomains

11 IPs

1 Countries

991 kBTransfer

2675 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pt.yulk.me Open in urlscan Pro
172.66.0.96 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

11
IPs

1
Countries

991 kB
Transfer

2675 kB
Size

9
Cookies

39 HTTP transactions
0 data transactions