1264c.0gke.com Open in urlscan Pro
2606:4700:3037::6815:229c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1264c.0gke.com/
Effective URL:
https://1264c.0gke.com/conn.php
Submission: On February 08 via api (February 8th 2024, 10:40:12 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3037::6815:229c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1264c.0gke.com.
TLS certificate: Issued by E1 on January 25th 2024. Valid for: 3 months.

This is the only time 1264c.0gke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:a285	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3037::6815:229c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.34.156.170 64.34.156.170	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
7	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
40	13

1 2606:4700:3035::ac43:a285 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1264c.0gke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::6815:229c (United States)

ASN13335 (CLOUDFLARENET, US)

1264c.0gke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.34.156.170 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: hp350.servername.online

topnew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	297 KB
8	0gke.com 1 redirects 1264c.0gke.com	49 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	44 KB
4	topnew.net topnew.net	36 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	172 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
40	11

	Domain	Requested by
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	1264c.0gke.com	1 redirects 1264c.0gke.com
7	pagead2.googlesyndication.com	topnew.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	topnew.net	1264c.0gke.com topnew.net
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	use.fontawesome.com	topnew.net use.fontawesome.com
2	fonts.googleapis.com	topnew.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	topnew.net
40	12

This site contains no links.

Subject Issuer	Validity	Valid
0gke.com E1	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.topnew.net R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://1264c.0gke.com/conn.php
Frame ID: 4BD2D14C6B271BF85782698838AA3CB2
Requests: 7 HTTP requests in this frame

Frame: https://topnew.net/sidu/news?cms=SIDU2023.0707
Frame ID: 04AF112D2A4C51D0866065460D9810C6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 0EE89A67E18F882F74F54E4C2522E9A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1707432009&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707432008967&bpp=3&bdt=571&idt=259&shv=r20240207&mjsv=m202402060101&ptt=9&saldr=aa&correlator=5667428710435&frm=22&ife=1&pv=2&ga_vid=227415774.1707432009&ga_sid=1707432009&ga_hid=1446804758&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080649%2C31080779%2C31080797%2C44795921%2C95324580%2C31080971%2C95322195%2C95324154%2C95324160&oid=2&pvsid=4051378315454829&tmod=781968393&uas=0&nvt=1&top=https%3A%2F%2F1264c.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vkxo247ptj85&fsb=1&dtd=271
Frame ID: 1EBB19D0CBC49149A200DDE85976C5FB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB645A8AE4790C8D84ED56538F9D7F5B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: FF4E7A9FE93EDE22E668BFD50ABB2CC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E8FF7ADA82B280B86E8889D264EA6F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27C78527D09A21487EC228244CD7A18E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

- SIDU 2023.0707 Database Web GUI: MySQL + PostgreSQL + SQLite - topnew.net/sidu

Page URL History Show full URLs

http://1264c.0gke.com/ HTTP 301
https://1264c.0gke.com/ Page URL
https://1264c.0gke.com/conn.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

13
IPs

2
Countries

723 kB
Transfer

1670 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1264c.0gke.com/ HTTP 301
https://1264c.0gke.com/ Page URL
https://1264c.0gke.com/conn.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1264c.0gke.com/ HTTP 301
https://1264c.0gke.com/

Request Chain 27

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 29

https://googleads.g.doubleclick.net/pagead/adview?ai=CqpX3SVjFZdSiFJ6p998Pj6uh0AnW6obfdcLT-Z6TErCQHxABIKWd_QVgyYaAgNyjxBCgAZyT0NoDyAECqAMByAPJBKoE2QFP0BbtBsibZppT8FfkKYfHRHOi9Wv9CWuFolB2JscOwEeHS4LTY6uMYdug49haZ99EpGH3JlgBdjC95w6yrOkZV9VdLyDmWFarYoOwA56UfZoaKjVZ7OWwoJDgxIJFsqlg8o_08lMfaCxm2u4zaD2QXPJC4LBW6Aj_4_j0vVXXv6r_E0JQOK3m9xnwy9GDE2XFds09YdRHrdMvsu5EIwt7T0vK-cTTB15vjSj9GVWoS4cq4ddAOHt9FhiN5Rv_6Abvv_omePcJBZcZcy6iReKUqLX_gNQip2tcwAS5w5zClwSIBf7IhZ1JkgUECAQYAZIFBAgFGASgBgKAB8zsryWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC_qhbSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYw7WR8-echAOaCY0BaHR0cHM6Ly93d3cuZGF0YXN0YXguY29tL2Nsb3VkLW5hdGl2ZS1hcHBzP3V0bV9tZWRpdW09c2VhcmNoX3BkJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9jYW1wYWlnbj1nZ2xfZGlzY19uYW1fZW50X25vbmJyYW5kX2NucF92LjEmdXRtX2NvbnRlbnQ9gAoByAsB2gwQCgoQoODP_bbYr_gKEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi01ODgyMDU3MTYxMzMzMjQ4GAA&sigh=fNrkcIKzWrQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTQAvHhf_ExnaEfqUi9LXAMXKKkZEPDrm3jSCqG0wGzrBU4z_0Img1dVslzDI70NOLlbgOKEdMJruz0uHDIfUqrSd-gvsweX-dM92hZLjGAE&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe00fc5688c6ae1710000000000000000%22,%222%22:%220xa2d8a44c02d824e10000000000000000%22,%223%22:%220x6ff9dc4843b5ab740000000000000000%22,%224%22:%220xfb828887f308fab80000000000000000%22,%225%22:%220x98f9557128b652c50000000000000000%22},%22debug_key%22:%221195724326033436657%22,%22debug_reporting%22:true,%22destination%22:%22https://datastax.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22995363228%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211010372463892648545%22}&andc=true

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
1264c.0gke.com/
Redirect Chain

http://1264c.0gke.com/
https://1264c.0gke.com/

83 B
737 B

307ms
229ms

Document
text/html

2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85275f5a7b2e5c6c-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 22:40:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9mUiIxwDQCb22bVtCcrVBADV5uQAhtQopDcu4DM%2Bve%2Bra6SojzTOhNoCiQEV77IX5blgLrikpXZgRLcZEItW0pCc8EbifAWv2I3St1VUpsWbue3LPGAtIsECo4QjfDlO2bZsZbOYRzwceeSiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 85275f59aa997473-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 08 Feb 2024 22:40:06 GMT
Expires: Thu, 08 Feb 2024 23:40:06 GMT
Location: https://1264c.0gke.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0ZNnZTPDbDMmyHkaLijiK%2FubtneFokgEZMTeiBDen2lFnIvzgaMTy0XX5J1FV0kWbWAfJMUIvvK2TGdiB4HqDkriVL1N3k75LClx8O5F5OzPJTPY%2BipPG0kVu3IVytA7ieYl7Ne5hFZoWFS6A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request conn.php Show response
1264c.0gke.com/ 6 KB
2 KB 105ms
105ms Document
text/html 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/conn.php

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

c8a5aa4ac89cccc9a198fcd46196dc8bc5a81df1dccf725f4900b50977809318

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://1264c.0gke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85275f5c0e505c6c-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 22:40:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDVQ8gFrxRsd0eYkfrz4f21MjehlQzbqltB%2BCtZZLpLu6yVvK7dBx153378XDOpkPVey%2FgnRWSXIeTzO7uzYOgwaEN3O0S5G0%2BUEtj5B%2BVT2QMipiVgNHiq0PtmGFTf5SmJ0y1VDUufUpnrvgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

GET
H3 200 sidu.css
1264c.0gke.com/ 8 KB
3 KB 222ms
221ms Stylesheet
text/css 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/sidu.css

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1a8e36e2f728e3ec06613825e3589852b748505e5b91bed32c6b7e61f67633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1264c.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F11kIlolKlOtHw1AlGnc9ByptRBQLd7WL%2B6Spo1XP%2FARHeRC8qBsJdNLYGvDKUc2qTPt1cCNTdmf4thAQNawIBq%2BtYQCFB1SNC3khT9EYKaXJzPbCKAsG5Zaz30WaVI6DR%2F3vRGMtRnkUb18A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85275f5cbd514986-MIA
expires: Thu, 15 Feb 2024 22:40:07 GMT

GET
H3 200 jquery-3.6.3.min.js Show response
1264c.0gke.com/ 88 KB
32 KB 310ms
310ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/jquery-3.6.3.min.js

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1264c.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 13:03:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUBPRDhde3HdeTE0e5EEx6ggvqSorEGdhshWUa5ISwqoDBxB0Z2ASIIsizRsUYnFrrunYztPZSOj1%2BjD7xxhG0EaIovoX03zLz%2B48GKnjkx0qDcovBqV%2B5H3ryODsFk83Xx1NJZYIO8P%2FT2TPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 85275f5cbd574986-MIA

GET
H3 200 login-enc.js Show response
1264c.0gke.com/ 5 KB
3 KB 225ms
224ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/login-enc.js

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447145e39169829f17b64bf235f99d522f3e84a8c17698195559f79f3b509ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1264c.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBk5hlgm2dXiH7LT4%2B7XjtNYX%2FCDyHqMziXI80GPc405VeNOTiiP%2FdRPG6lhVf%2Bci4KB8XYuYpL58aeUlncGVlUvFzXKO2XvO2I2pfmNLVip7kb1Xp21FlPrR1%2FmbIx50xIu%2FzC7i7R53xnTNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 85275f5cbd5a4986-MIA

GET
H3 200 login-md5.js Show response
1264c.0gke.com/ 10 KB
4 KB 232ms
232ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/login-md5.js

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bcc31a554cece72f420a38e5b06cb04be1beba32aed255c70c12a24cdfb5087

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1264c.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 May 2022 22:16:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR%2BlEbEdAUbLiioosQ7Do0qXxNbj0FiGIKDZ1pBIK56kvNUhHDZ%2B5iS%2FULYIU2%2BHxZfgoY%2FrWS0xWSW9A4FXqKNmvPL3WoUdRwU7qchLKBo7lSnWPu%2BVYiapgf6aRz8kDA2CcuyntQbpBPLQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 85275f5cbd5e4986-MIA

GET
H3 200 sidu.js Show response
1264c.0gke.com/ 12 KB
4 KB 229ms
228ms Script
text/javascript 2606:4700:3037::6815:229c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1264c.0gke.com/sidu.js

Requested by

Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:229c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7beb0fd3e45262a6edff993d3052c12de9db668d9928f4e9c76d318d4a17e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1264c.0gke.com/conn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 17:37:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idUVhu8O6wkqaa4nqVPFfU6RD9MODhhTsmFeByCmKu9l86P1vy4Mlc7yTSGFFcg6lDS7CgiEABFq0%2FZveV2H501APK9PukUqdw%2BcjHcOzGJqAE1VhfsT7x1Zq7Ynx5ZmbboPOiJpqVr4foF%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 85275f5cbd614986-MIA

GET
H2 200 news Show response
topnew.net/sidu/ Frame 04AF 8 KB
3 KB 900ms
648ms Document
text/html 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Requested by: Host: 1264c.0gke.com
URL: https://1264c.0gke.com/conn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: abaef50143ab2ef71f6b85d1434cc0c93b7db63104dfc9697c848e055cf1cb22

Request headers

Referer: https://1264c.0gke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 3127
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 22:40:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 css
fonts.googleapis.com/ Frame 04AF 2 KB
459 B 217ms
79ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 22:14:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 22:40:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 04AF 1 KB
915 B 215ms
78ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee8b4c63b428fb78db8978da6ea0e7898dc3b508a15a37bea33703c452945933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 21:50:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 22:40:08 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.1/css/ Frame 04AF 98 KB
21 KB 130ms
47ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 745005
etag: W/"6386fb409d4a2abc96eee7be8f6d4cc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9niUoy%2FGqXLM0yyM%2B42R8v6M4eu0r33clRr7W1%2FjTyyprTSxdlVSmTwwh1qn%2FyisNkLYSTWWSlJgw5%2FISxkzIAOtPhH9HHZUcKbwBL5ca2vFMOCMohtctpFk%2B5o2ilviMdawScksNKdqmmV7PF%2FncSR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85275f651cbf4c31-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2023.css
topnew.net/css/ Frame 04AF 32 KB
9 KB 166ms
165ms Stylesheet
text/css 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/css/2023.css
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 1517b67ea313a267f9be4ac603480cc57ec64e8065bfa587d4e14868d6c62600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 07:38:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 8864

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 04AF 87 KB
30 KB 124ms
33ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6829392
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mia-kmia1760031-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707432009.507803,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22, 831249

GET
H2 200 2023.js Show response
topnew.net/css/ Frame 04AF 6 KB
2 KB 165ms
164ms Script
application/javascript 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://topnew.net/css/2023.js
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 29019d6efffcd98de5cc1f51e3620743a226ec86c07b3c763fa5e2b4d47ad00c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 07:04:42 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2424

GET
H2 200 sidu0.png
topnew.net/img/sidu/ Frame 04AF 22 KB
22 KB 164ms
163ms Image
image/png 64.34.156.170
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://topnew.net/img/sidu/sidu0.png
Requested by: Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.156.170 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: hp350.servername.online
Software: Apache /
Resource Hash: 1533d1355e93924739f7c9f399d7de298f9bef4a3d4cec411b332ecb4a325c34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/sidu/news?cms=SIDU2023.0707
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
last-modified: Sat, 25 Feb 2017 01:53:32 GMT
server: Apache
accept-ranges: bytes
content-length: 22071
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 04AF 149 KB
51 KB 241ms
104ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: topnew.net
URL: https://topnew.net/sidu/news?cms=SIDU2023.0707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70d4507c3343ca83bb6c65fd05373cd68196953567fbd0726d875447a159ddb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51557
x-xss-protection: 0
server: cafe
etag: 17313832829088163731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 08 Feb 2024 22:40:08 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ Frame 04AF 25 KB
26 KB 197ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://topnew.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:14:29 GMT
x-content-type-options: nosniff
age: 257139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 23:14:29 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.1.1/webfonts/ Frame 04AF 151 KB
151 KB 148ms
44ms Font
font/woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

Referer: https://use.fontawesome.com/releases/v6.1.1/css/all.css
Origin: https://topnew.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306505
alt-svc: h3=":443"; ma=86400
content-length: 154228
last-modified: Fri, 22 Sep 2023 01:46:18 GMT
server: cloudflare
etag: "55b416a8df21f9f987aa352f10d1343b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FmSvi%2FcMGRxr9F2fJvMEH24B8dPvvW9yO6qVctOU2wyGmAoBuYmySqkILAm%2BPy4RzhfJObnzLZIGmeOyJ%2FhmE8iEetn64Ii1x92YHQ703%2FZk0qT%2BAsuwkekC9aCaK3spL4dMzTavwXUIXNe5tI%2F8d%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85275f66af8e8da9-MIA

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/ Frame 04AF 406 KB
138 KB 132ms
131ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31080971

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0228b1444269c865a807fc395288f1e73254cdea036b0687c93abb333d6990df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141171
x-xss-protection: 0
server: cafe
etag: 13864936224232156302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 22:40:09 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 0EE8 9 KB
5 KB 199ms
63ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 20:08:07 GMT
etag: 3890843268177463596
expires: Thu, 22 Feb 2024 20:08:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EBB 105 KB
39 KB 497ms
496ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1707432009&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707432008967&bpp=3&bdt=571&idt=259&shv=r20240207&mjsv=m202402060101&ptt=9&saldr=aa&correlator=5667428710435&frm=22&ife=1&pv=2&ga_vid=227415774.1707432009&ga_sid=1707432009&ga_hid=1446804758&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080649%2C31080779%2C31080797%2C44795921%2C95324580%2C31080971%2C95322195%2C95324154%2C95324160&oid=2&pvsid=4051378315454829&tmod=781968393&uas=0&nvt=1&top=https%3A%2F%2F1264c.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vkxo247ptj85&fsb=1&dtd=271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31080971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f18b5b3ee2fe91f21262dcc0aa4945953f08b516cc1da417c3f7136bb3dd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40025
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 22:40:09 GMT
expires: Thu, 08 Feb 2024 22:40:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14920355099866156703
tpc.googlesyndication.com/simgad/ Frame 1EBB 16 KB
17 KB 278ms
126ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14920355099866156703?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkoyoje3uMF4_rnd_NTqNAsr9Mg9w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1707432009&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707432008967&bpp=3&bdt=571&idt=259&shv=r20240207&mjsv=m202402060101&ptt=9&saldr=aa&correlator=5667428710435&frm=22&ife=1&pv=2&ga_vid=227415774.1707432009&ga_sid=1707432009&ga_hid=1446804758&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080649%2C31080779%2C31080797%2C44795921%2C95324580%2C31080971%2C95322195%2C95324154%2C95324160&oid=2&pvsid=4051378315454829&tmod=781968393&uas=0&nvt=1&top=https%3A%2F%2F1264c.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vkxo247ptj85&fsb=1&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

719537cedad5b736cacf998bb6c7aa1bd299395749b1360dfd10421eb96cc045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:20:33 GMT
x-content-type-options: nosniff
age: 33576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16771
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 18:46:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Feb 2025 13:20:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 1EBB 23 KB
9 KB 217ms
73ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB64 143 B
166 B 64ms
63ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5882057161333248&output=html&h=250&slotname=8520217086&adk=1730507159&adf=3785318430&pi=t.ma~as.8520217086&w=300&lmt=1707432009&rafmt=12&format=300x250&url=https%3A%2F%2Ftopnew.net%2Fsidu%2Fnews%3Fcms%3DSIDU2023.0707&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707432008967&bpp=3&bdt=571&idt=259&shv=r20240207&mjsv=m202402060101&ptt=9&saldr=aa&correlator=5667428710435&frm=22&ife=1&pv=2&ga_vid=227415774.1707432009&ga_sid=1707432009&ga_hid=1446804758&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1589&ish=400&ifk=1015191780&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080649%2C31080779%2C31080797%2C44795921%2C95324580%2C31080971%2C95322195%2C95324154%2C95324160&oid=2&pvsid=4051378315454829&tmod=781968393&uas=0&nvt=1&top=https%3A%2F%2F1264c.0gke.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1589%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vkxo247ptj85&fsb=1&dtd=271
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 21:51:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1EBB 3 KB
1 KB 233ms
90ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1EBB 20 KB
9 KB 207ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EBB 205 KB
65 KB 234ms
98ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 22:40:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1EBB 36 KB
15 KB 287ms
147ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14866
x-xss-protection: 0
server: cafe
etag: 15811255140505289687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:45:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB64
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
89ms

Document
text/html

2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 22:40:10 GMT
expires: Thu, 08 Feb 2024 22:40:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 22:40:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1EBB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c5a74f0626c8bdf03cea0bf04c0121f8e2952390b7796067b11bd50781dcb8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1EBB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CqpX3SVjFZdSiFJ6p998Pj6uh0AnW6obfdcLT-Z6TErCQHxABIKWd_QVgyYaAgNyjxBCgAZyT0NoDyAECqAMByAPJBKoE2QFP0BbtBsibZppT8FfkKYfHRHOi9Wv9CWuFolB2JscOwEeHS4L...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe00fc5688c6ae1710000000000000000%22,%222%22:%220xa2d8a44c02d824e10000000000000000%22,%223%22:%220x6ff9dc...

0
0

254ms
123ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe00fc5688c6ae1710000000000000000%22,%222%22:%220xa2d8a44c02d824e10000000000000000%22,%223%22:%220x6ff9dc4843b5ab740000000000000000%22,%224%22:%220xfb828887f308fab80000000000000000%22,%225%22:%220x98f9557128b652c50000000000000000%22},%22debug_key%22:%221195724326033436657%22,%22debug_reporting%22:true,%22destination%22:%22https://datastax.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22995363228%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211010372463892648545%22}&andc=true

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe00fc5688c6ae1710000000000000000","2":"0xa2d8a44c02d824e10000000000000000","3":"0x6ff9dc4843b5ab740000000000000000","4":"0xfb828887f308fab80000000000000000","5":"0x98f9557128b652c50000000000000000"},"debug_key":"1195724326033436657","debug_reporting":true,"destination":"https://datastax.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["995363228"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"11010372463892648545"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Feb 2024 22:40:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Feb 2024 22:40:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe00fc5688c6ae1710000000000000000","2":"0xa2d8a44c02d824e10000000000000000","3":"0x6ff9dc4843b5ab740000000000000000","4":"0xfb828887f308fab80000000000000000","5":"0x98f9557128b652c50000000000000000"},"debug_key":"1195724326033436657","debug_reporting":true,"destination":"https://datastax.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["995363228"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"11010372463892648545"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 04AF 16 KB
12 KB 235ms
105ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31080971

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52facc34312879b4523b8b1737e194b7395b26e13b42b0f19b3937567e6cb342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12238
x-xss-protection: 0

GET
H3 200 7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FF4E 50 KB
19 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19829
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:19:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 274ms
123ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 22:40:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 04AF 17 KB
7 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31080971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 22:40:10 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E8F 13 KB
5 KB 66ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 44403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 10:20:07 GMT
expires: Fri, 07 Feb 2025 10:20:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 27C7 829 B
998 B 86ms
85ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3623a62ef81b1114718f1c478147e5be6b5ae14cc83f9245ad61adadcd4b47d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4De-sKjBk8ak4C5iUkVLWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://topnew.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4De-sKjBk8ak4C5iUkVLWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 22:40:10 GMT
expires: Thu, 08 Feb 2024 22:40:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E8F 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 20:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 20:08:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27C7 0
0 123ms
123ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=4051378315454829&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E8F 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oSmRNQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:40:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 04AF 0
0 126ms
126ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=4051378315454829&bg=!BgWlBUrNAAaxkZ3akZE7ADQBe5WfOAWFpSJURj074fZy2p1y32j-4E-M-Ji8UBpxGy6liKv70Vc4aHweZMDU5LlcvzWTAgAAADpSAAAAAmgBB5kC1WEWNAeWOxiM5VstRXG2OMVcqat-bappxBrBBtoVEvm-PLC9y56fw5xLDs5LB66Ofr9joN1fVBDzQ7b23FQiyCKyItsvqunaZAETwvGdfn0OSaFKahTN1puaRzV71unMblTF64TMaAm77eJLG73hOuEe2y5gtzowHe42OrjPwlpNP96PoBk4rGi_eRWazkOjYAaVHdMcHQfeBiKYX92NPe9SftK61TbdZJzrUxsdh6ydnjld5klM0gGc_qNq62CzFGp2jdBrvlAJGTBxEAGdiQZxmjQWRWfcKrXEUOeg7ouLT3-y4E936SUGKTT8iFtdY29tUlBaoS4m2keaRzeB3GxJNSBGxgEYKREpkKeTLzeJn1nMAi4fSeOBklFracQiCsevqBLwCPI-PFapL9Uz5tNxrys8cBLT3JIkd59MybZXoHlEZBHimexMq_r1jAm-62TmlWEaLDKps4EXVNRNf4Bh9xi9TnK-534v0haP52uANjuHb6hvKeJkL6XVIa3wLY8Bv8mxoum1O-fOTS7na6NJ_XIFfYSqYD4ZuBPXhb-WGOl5EXPtYUtXuNg6TEuAsq4P--s4MZ8pPTAAsIZgjSzwL_WbHF9ZXQeFLRwbIqVQvS4KBhYjRbu7k39jBzgTqJWZaZl4QUzRgIEGd4meeg26TE59dFNV-aeT3lQqs2fT7ikk5HOyhc6mwrNG6VFSyoGEGO1J82eti3-QyJ-cBjQ4amw2brtoAss6NdkPfjwzyBWAfJjDEClQ-33xsnuo-qLqTztwfFXr7qvJVMOA2ALJn2gB-u0eHVwq60sgwSEjs_0R6sG0MXOf0f_AsegDIwrbN6xuboNed-K5EEEl--RH5LEXeMUAIMh6ARQD6Xw4jmUp1xtIOhofDorQ2n4XqJCr6b1bdao_tfvrBS0V4DUTAJDerbBkC_gSdzq6g9P8CfahNncwJEx-UDB8I4SbCTngBkfc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://topnew.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1264c.0gke.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: on7agjaj3ukjcfap7447k1416o
.doubleclick.net/	1970-01-20 18:17:15	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:53:12	Name: IDE Value: AHWqTUmVj7_EW-ErCh0NUndQCKXoNnyeVeENI2qCKpaasG_PMIrBgIrr2J2GNiiTrXg
.googleadservices.com/	1970-01-20 20:26:48	Name: ar_debug Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1264c.0gke.com/conn.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1264c.0gke.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
topnew.net
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.googleadservices.com
www.googletagservices.com
142.250.80.66
2606:4700:3035::ac43:a285
2606:4700:3037::6815:229c
2606:4700:e6::ac40:ce26
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2004
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2002
2a04:4e42:400::649
64.34.156.170
0228b1444269c865a807fc395288f1e73254cdea036b0687c93abb333d6990df
083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
1517b67ea313a267f9be4ac603480cc57ec64e8065bfa587d4e14868d6c62600
1533d1355e93924739f7c9f399d7de298f9bef4a3d4cec411b332ecb4a325c34
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
29019d6efffcd98de5cc1f51e3620743a226ec86c07b3c763fa5e2b4d47ad00c
2bcc31a554cece72f420a38e5b06cb04be1beba32aed255c70c12a24cdfb5087
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3623a62ef81b1114718f1c478147e5be6b5ae14cc83f9245ad61adadcd4b47d8
3d1a8e36e2f728e3ec06613825e3589852b748505e5b91bed32c6b7e61f67633
447145e39169829f17b64bf235f99d522f3e84a8c17698195559f79f3b509ae5
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
52facc34312879b4523b8b1737e194b7395b26e13b42b0f19b3937567e6cb342
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c7beb0fd3e45262a6edff993d3052c12de9db668d9928f4e9c76d318d4a17e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
70d4507c3343ca83bb6c65fd05373cd68196953567fbd0726d875447a159ddb2
719537cedad5b736cacf998bb6c7aa1bd299395749b1360dfd10421eb96cc045
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
85f18b5b3ee2fe91f21262dcc0aa4945953f08b516cc1da417c3f7136bb3dd31
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
abaef50143ab2ef71f6b85d1434cc0c93b7db63104dfc9697c848e055cf1cb22
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
c8a5aa4ac89cccc9a198fcd46196dc8bc5a81df1dccf725f4900b50977809318
d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ee8b4c63b428fb78db8978da6ea0e7898dc3b508a15a37bea33703c452945933
f7c5a74f0626c8bdf03cea0bf04c0121f8e2952390b7796067b11bd50781dcb8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

1264c.0gke.com Open in urlscan Pro 2606:4700:3037::6815:229c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

85 %IPv6

11 Domains

12 Subdomains

13 IPs

2 Countries

723 kBTransfer

1670 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1264c.0gke.com Open in urlscan Pro
2606:4700:3037::6815:229c Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

13
IPs

2
Countries

723 kB
Transfer

1670 kB
Size

4
Cookies

40 HTTP transactions
1 data transactions