Submitted URL: https://o.vg/unit/energy/ajtokj.php
Effective URL: https://www.o.vg/unit/energy/ajtokj.php
Submission: On October 28 via api from US — Scanned from CA

Summary

This website contacted 18 IPs in 1 countries across 11 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3037::6815:4a11, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.o.vg.
TLS certificate: Issued by WE1 on October 3rd 2024. Valid for: 3 months.
This is the only time www.o.vg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
7 172.67.167.140 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 172.217.222.155 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:bdf::41 8075 (MICROSOFT...)
7 172.253.115.156 15169 (GOOGLE)
3 20.114.189.135 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.31.104 15169 (GOOGLE)
10 173.194.205.138 15169 (GOOGLE)
1 142.251.179.154 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.16.157 15169 (GOOGLE)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.31.99 15169 (GOOGLE)
50 18
Apex Domain
Subdomains
Transfer
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com — Cisco Umbrella Rank: 3
126 KB
9 o.vg
o.vg
www.o.vg
383 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
v.clarity.ms — Cisco Umbrella Rank: 6509
c.clarity.ms — Cisco Umbrella Rank: 1236
30 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
223 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
771 B
1 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3282
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5125
259 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
107 KB
50 11
Domain Requested by
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 www.o.vg www.o.vg
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 pagead2.googlesyndication.com www.o.vg
pagead2.googlesyndication.com
3 v.clarity.ms www.clarity.ms
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 c.clarity.ms 1 redirects
2 www.google.com pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.clarity.ms www.o.vg
www.clarity.ms
1 c.bing.com 1 redirects
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 syndicatedsearch.goog www.google.com
1 partner.googleadservices.com www.google.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.o.vg
1 o.vg 1 redirects
50 16

This site contains no links.

Subject Issuer Validity Valid
o.vg
WE1
2024-10-03 -
2025-01-01
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.googleadservices.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
syndicatedsearch.goog
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
adtrafficquality.google
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 11 frames:

Primary Page: https://www.o.vg/unit/energy/ajtokj.php
Frame ID: 18326065FDD23BE78341AD8EFC236D26
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: D719C87D1A25CCD6237F8A7574ADA4DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730091999&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999260&bpp=7&bdt=1292&idt=170&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3523258617219&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: 95F6D8B32D6C9516874A24D6AAF0FC15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=250&slotname=7922701634&adk=2510999812&adf=3311504332&pi=t.ma~as.7922701634&w=300&abgtt=6&lmt=1730091999&format=300x250&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999267&bpp=1&bdt=1298&idt=217&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=221
Frame ID: 3A39F7222FE22F184E56DDF05D5A915E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=600&slotname=9595640293&adk=4085947956&adf=3694598991&pi=t.ma~as.9595640293&w=160&abgtt=6&fwrn=4&fwrnh=100&lmt=1730091999&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999268&bpp=2&bdt=1300&idt=234&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=237
Frame ID: E0D0EC80D8485C7D116AE96E49189CF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=280&slotname=6969476955&adk=411220485&adf=3314721653&pi=t.ma~as.6969476955&w=1098&abgtt=6&fwrn=4&fwrnh=100&lmt=1730091999&rafmt=1&format=1098x280&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999270&bpp=1&bdt=1302&idt=246&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250%2C160x600&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=249
Frame ID: FF08E85D4F0FFE03E36001FF2DB67D08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7473147615149663&output=html&h=280&adk=3381294843&adf=3315553061&pi=t.aa~a.2398693436~rp.4&w=1098&abgtt=6&fwrn=4&fwrnh=100&lmt=1730092000&rafmt=1&to=qs&pwprc=4326259970&format=1098x280&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730092000267&bpp=1&bdt=2299&idt=-M&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e88f325354f48e0%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZTU4pNYx6ZTjT7lj88J17YBNQ3Tw&gpic=UID%3D00000f3b42a66de9%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZffMKW423PsF8pbldT3TC8y_gCww&eo_id_str=ID%3Ded36dac772494a41%3AT%3D1730091999%3ART%3D1730091999%3AS%3DAA-AfjbHDvlSDIebK2WIgaR-0TkR&prev_fmts=0x0%2C300x250%2C160x600%2C1098x280&nras=2&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=204
Frame ID: CA166530AB24D93072D249FCD31A92E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7473147615149663&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730092000&rafmt=1&to=qs&pwprc=4326259970&format=1200x90&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730092000267&bpp=1&bdt=2298&idt=1&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e88f325354f48e0%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZTU4pNYx6ZTjT7lj88J17YBNQ3Tw&gpic=UID%3D00000f3b42a66de9%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZffMKW423PsF8pbldT3TC8y_gCww&eo_id_str=ID%3Ded36dac772494a41%3AT%3D1730091999%3ART%3D1730091999%3AS%3DAA-AfjbHDvlSDIebK2WIgaR-0TkR&prev_fmts=0x0%2C300x250%2C160x600%2C1098x280%2C1098x280&nras=3&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=211
Frame ID: 9D3C91A1E7E019EFC48A96A444C51CE8
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-8e2a39cc4eb9d469f&fexp=95342162%2C21404%2C17301431%2C17301432%2C17301436%2C17301542%2C17301266%2C72717108&client=pub-7473147615149663&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=4421730092000512&num=0&output=afd_ads&domain_name=www.o.vg&v=3&bsl=10&pac=0&u_his=2&u_tz=-420&dt=1730092000513&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3372&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&nfp=1&jsv=688160506&rurl=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php
Frame ID: 7260BDA7952270D76CCD93D6A6DD878A
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: EEFC9E9148AF03EE50DF20A2E48C9834
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E403E5354309FFD9B5335F1ECFCCC5EC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Convert Attojoule to Kilojoule | kJ to aJ

Page URL History Show full URLs

  1. https://o.vg/unit/energy/ajtokj.php HTTP 301
    https://www.o.vg/unit/energy/ajtokj.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

50
Requests

96 %
HTTPS

44 %
IPv6

11
Domains

16
Subdomains

18
IPs

1
Countries

887 kB
Transfer

2280 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://o.vg/unit/energy/ajtokj.php HTTP 301
    https://www.o.vg/unit/energy/ajtokj.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&RedC=c.clarity.ms&MXFR=02F460801D3F693839DE75A6193F67BD HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&MUID=05285B2A2C236991093B4E0C2DF568BC

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ajtokj.php
www.o.vg/unit/energy/
Redirect Chain
  • https://o.vg/unit/energy/ajtokj.php
  • https://www.o.vg/unit/energy/ajtokj.php
42 KB
10 KB
Document
General
Full URL
https://www.o.vg/unit/energy/ajtokj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7c13472ab95ddad809207956bb1ddcf4c7429ca9cc89ff61e567b6c0bf3df4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2592000
cf-cache-status
DYNAMIC
cf-ray
8d9865c64d33a293-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Oct 2024 05:06:37 GMT
expires
Wed, 27 Nov 2024 05:06:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3HDujSyA8iga5R%2FiebgnSUuruJGf8Vk4CGLJK996V2nBcWN4XP8qOE2R3f6z35%2BCkL7111du9%2BXEcsot2m%2FQvPHhRRTIh12a%2FlRxo7GSnuhrs63RfNxJX2W2pHAzY7%2BAKQlSOHK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=16752&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4868&recv_bytes=2392&delivery_rate=244686&cwnd=256&unsent_bytes=0&cid=e000027e305d73a7&ts=846&x=0"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8d9865c61d0ea293-YUL
content-length
167
content-type
text/html
date
Mon, 28 Oct 2024 05:06:37 GMT
expires
Mon, 28 Oct 2024 06:06:37 GMT
location
https://www.o.vg/unit/energy/ajtokj.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhYM25F2k8Qz9TqcwynTOoXKPd9znImKKojra2nLqpdCHkFRH5n9uw0qJHSTt5%2FpDs7TXkNoG2HI%2BSvNm24oBz0cx0rTNDGaAyv429RI7NbKYlvhN%2FvmzVTRdw740Q6kgAW5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15765&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4015&recv_bytes=2285&delivery_rate=244686&cwnd=252&unsent_bytes=0&cid=e000027e305d73a7&ts=30&x=0"
vary
Accept-Encoding
geometry.js
www.o.vg/templates/okle/js/
2 KB
1 KB
Script
General
Full URL
https://www.o.vg/templates/okle/js/geometry.js
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6d0893747c641c1ed2ee9702e74b96a60d4ba63b380b2eaeb0f9c26de8c0b51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"8b9-5eac3e086b480-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i8Dk%2F2GpU6B5X%2FCP%2BLv1TofMbmf2aufCZ9j4paHRmt2QxY73HJ73%2FgTapyx76xmzKmqdEhNKMfWf8qeDXBQKxzvi4Opw6GJPGL6J7Obsf%2B0RZDl9AbxugXmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:06:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25589&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4152&recv_bytes=5431&delivery_rate=590&cwnd=12000&unsent_bytes=0&cid=4ad1673364967b7b&ts=1568&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:38 GMT
content-type
application/javascript
last-modified
Tue, 11 Oct 2022 15:24:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865cb6996aa9e-YYZ
accept-ranges
bytes
content-length
699
server
cloudflare
web.e922008.css
www.o.vg/templates/okle/css/
203 KB
35 KB
Stylesheet
General
Full URL
https://www.o.vg/templates/okle/css/web.e922008.css
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca4bb105f114508090fb985557d1380f33c873c175c6e113c288b946017ae15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"32c83-5f46d3841c400-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lldWBaraU%2B19Clrx7%2BxLVihLfu3y7USWgSprdn3oeI6FVL%2FgOyp%2FooJ%2F7UcE61bcb5KcoX6qb%2FALg94ZcYloKOiq2XzRCsaZsKoBG150%2FRaXR12lcYbeO%2B%2FuYA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:06:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24025&sent=28&recv=26&lost=0&retrans=0&sent_bytes=20826&recv_bytes=6002&delivery_rate=12122&cwnd=19200&unsent_bytes=0&cid=4ad1673364967b7b&ts=1823&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:38 GMT
content-type
text/css
last-modified
Sat, 11 Feb 2023 14:13:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865cb6997aa9e-YYZ
accept-ranges
bytes
content-length
34746
server
cloudflare
styles201602.css
www.o.vg/templates/okle/css/
22 KB
6 KB
Stylesheet
General
Full URL
https://www.o.vg/templates/okle/css/styles201602.css
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5235d9653cb1493a0a5534b9a1e16036a6dd49ff1559c321592182e3d04c89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"5937-603952affce98-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSBkq4faJIlVik9JbawG9rGgmGSb7u8CMez3lQdz2W2%2Bg%2FHeZrOFMO7akEbfI99wpgJd%2BUt33JVD%2BdfyWRZxWKkXnW0byWFZGza8LBzKbqjpPEcb%2BDhQXUUIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:06:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25589&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5609&recv_bytes=5431&delivery_rate=590&cwnd=12000&unsent_bytes=0&cid=4ad1673364967b7b&ts=1568&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:38 GMT
content-type
text/css
last-modified
Wed, 23 Aug 2023 11:11:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865cb6998aa9e-YYZ
accept-ranges
bytes
content-length
5028
server
cloudflare
js
www.googletagmanager.com/gtag/
321 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EGB8WF7XN7
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb6571bb04c1ce4af7040588ba17f433eb42b10d215b5f04f696de649f828c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 28 Oct 2024 05:06:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108883
x-xss-protection
0
server
Google Tag Manager
logo.png
www.o.vg/templates/okle/picture/
8 KB
9 KB
Image
General
Full URL
https://www.o.vg/templates/okle/picture/logo.png
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17757bd29b73d957072f70c2bf096d3c7200b900230d42573cfc39fc86e80b1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

cf-cache-status
MISS
etag
"2138-5f46c1c993040"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGUmRxuDy82wjYbT8RZW9VGsHdACunFuJZ5CALahST4Mk8e8tr%2FHYLZEYk65xqEB7gguThJaPp2FAD9AGG3TOiNnQ9tffFdUvmxyEJ2Da%2Bo6WLr2psYsuQRRCw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:06:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25589&sent=19&recv=13&lost=0&retrans=0&sent_bytes=11433&recv_bytes=5431&delivery_rate=590&cwnd=12000&unsent_bytes=0&cid=4ad1673364967b7b&ts=1570&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:38 GMT
content-type
image/png
last-modified
Sat, 11 Feb 2023 12:54:17 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865cb699aaa9e-YYZ
accept-ranges
bytes
content-length
8504
server
cloudflare
web.e922008.js
www.o.vg/okle/js/
277 KB
88 KB
Script
General
Full URL
https://www.o.vg/okle/js/web.e922008.js
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec3940b162ceb1db79a59f64358ba5b7d242a6eb863190a95048b4914a8905b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4549f-6015a0b06cc00-gzip"
age
1179
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEHf496Icm8tgDxAzV69rT1AEROuTT5owMTDvMeciPXtTJkvu29Ywgq4bqqWCV2KZ9X0t4BK0Vi7UbFPcjCU2BkyHwYdKmjRjMxEw1iyC6yroff%2BdUBMozYj4w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 04:46:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24025&sent=45&recv=27&lost=0&retrans=0&sent_bytes=40050&recv_bytes=6281&delivery_rate=12122&cwnd=19200&unsent_bytes=0&cid=4ad1673364967b7b&ts=1845&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
application/javascript
last-modified
Wed, 26 Jul 2023 01:48:23 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865d1cec8aa9e-YYZ
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7473147615149663
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
f66de7ec1b93cc99c981aae483e917310ae0b37be9fd06b385cbb1ab1b5a7932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.o.vg
Referer
https://www.o.vg/

Response headers

content-encoding
br
etag
2421411641107805348
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53541
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EGB8WF7XN7&gtm=45je4ao0v9164431064za200&_p=1730091999036&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101925628&cid=891228708.1730091999&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730091999&sct=1&seg=0&dl=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&dt=Convert%20Attojoule%20to%20Kilojoule%20%7C%20kJ%20to%20aJ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EGB8WF7XN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.o.vg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
text/plain
server
Golfe2
dnddd27ev7
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/dnddd27ev7
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1c7b91b9e60c4d59949551b54b1386b6bcae728914eeecb66a1ef60cd8eaa80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
application/x-javascript
x-azure-ref
20241028T050639Z-16859bc6c8ctrwbdwz1xm27th000000004zg0000000027y8
sprite.svg
www.o.vg/templates/okle/fonts/
171 KB
122 KB
Image
General
Full URL
https://www.o.vg/templates/okle/fonts/sprite.svg
Requested by
Host: www.o.vg
URL: https://www.o.vg/templates/okle/css/web.e922008.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8065f38511e2f2c8c16d21b04340b149b675e879a229b09cf898025dd1e74ea9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/templates/okle/css/web.e922008.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2ad56-5f48d847e7780-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0QQOymnNiYb4DRS3zW%2FLA7XNIEQyuRc8DcdUk8EKBJD%2B0qlTwo1SfRCI6kMNeWr5PjYLTejJySpLDq97%2BCNqvf9sl89Wihhq0TwI7mOL3o7Vdvi9RRSHEn4rA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 05:06:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24096&sent=150&recv=104&lost=1&retrans=1&sent_bytes=150967&recv_bytes=10122&delivery_rate=1173809&cwnd=38640&unsent_bytes=0&cid=4ad1673364967b7b&ts=2924&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
image/svg+xml
last-modified
Mon, 13 Feb 2023 04:45:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865d25f1baa9e-YYZ
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/
435 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7473147615149663
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
bc68d6c80aa544258d614d80eab7b54d7f86e4408ab88606bc1463f8739655b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
br
etag
14588475460896765633
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
148277
x-xss-protection
0
server
cafe
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dnddd27ev7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

x-azure-ref
20241028T050639Z-16859bc6c8ctrwbdwz1xm27th000000004zg0000000027ya
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
6bd93a27-901e-007b-354c-286c47000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 28 Oct 2024 05:06:39 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame D719
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
37396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Oct 2024 18:43:23 GMT
etag
13108003645644964576
expires
Sun, 10 Nov 2024 18:43:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 28 Oct 2024 05:06:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 95F6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730091999&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999260&bpp=7&bdt=1292&idt=170&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3523258617219&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5571
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:40 GMT
expires
Mon, 28 Oct 2024 05:06:40 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A39
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=250&slotname=7922701634&adk=2510999812&adf=3311504332&pi=t.ma~as.7922701634&w=300&abgtt=6&lmt=1730091999&format=300x250&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999267&bpp=1&bdt=1298&idt=217&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=221
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:39 GMT
expires
Mon, 28 Oct 2024 05:06:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
v.clarity.ms/
0
272 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.o.vg/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://www.o.vg
Date
Mon, 28 Oct 2024 05:06:39 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
ads
googleads.g.doubleclick.net/pagead/ Frame E0D0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=600&slotname=9595640293&adk=4085947956&adf=3694598991&pi=t.ma~as.9595640293&w=160&abgtt=6&fwrn=4&fwrnh=100&lmt=1730091999&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999268&bpp=2&bdt=1300&idt=234&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:39 GMT
expires
Mon, 28 Oct 2024 05:06:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FF08
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7473147615149663&output=html&h=280&slotname=6969476955&adk=411220485&adf=3314721653&pi=t.ma~as.6969476955&w=1098&abgtt=6&fwrn=4&fwrnh=100&lmt=1730091999&rafmt=1&format=1098x280&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730091999270&bpp=1&bdt=1302&idt=246&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250%2C160x600&nras=1&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
399
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:39 GMT
expires
Mon, 28 Oct 2024 05:06:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-7473147615149663
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7473147615149663?href=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e2d18beec33aae56d894239f6961d93049189e10ee5708ff4089a6034ded740
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--Ul1raOektPI4dKbJWq0SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBwPtv_ZwSZw4MOSxYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA7mBJjg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--Ul1raOektPI4dKbJWq0SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
async-ads.js
www.google.com/adsense/search/
147 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/search/async-ads.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f104.1e100.net
Software
sffe /
Resource Hash
7bd7d890d0bcf0ab6689498ca02aa14ee3fca8ad5d247f5add91a3232097276d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
etag
"8958852292775372403"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:06:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
accept-ranges
bytes
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=95342162&hl=en&pvc=1065407920779712
Requested by
Host: www.o.vg
URL: https://www.o.vg/unit/energy/ajtokj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 28 Oct 2024 05:06:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.o.vg/

Response headers

AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZBChbm0ag2kArCTDBSGQvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLD9zw42gQ_bXvQxKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAI4zLq4"
content-security-policy
script-src 'report-sample' 'nonce-ZBChbm0ag2kArCTDBSGQvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVigjQckSRhTH-msNU_q2SwTGAp_a-L3JW9NL0s5YYMHytAscrS41ClHAKYEKBED_pajToIml1XE9j7cizKJefm_9b19lYA0ffUXxWTobyEUYWJzomXIg3ovVzdeFXTzZo4g3TQEQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVigjQckSRhTH-msNU_q2SwTGAp_a-L3JW9NL0s5YYMHytAscrS41ClHAKYEKBED_pajToIml1XE9j7cizKJefm_9b19lYA0ffUXxWTobyEUYWJzomXIg3ovVzdeFXTzZo4g3TQEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDkyMDAwLDQ2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuby52Zy91bml0L2VuZXJneS9hanRva2oucGhwIixudWxsLFtbOCwiWjdmeFZ6V2NISzQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY5XSwxMiwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c98800d3ea5988d7b298533c0c46ca2b8b9b91b011ab6d1f8b912c4fd652b1e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uz2sDnQqKpndU4AvqcBepw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBwPtv_ZwSZwYuu6D4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA6ihJow"
content-security-policy
script-src 'report-sample' 'nonce-uz2sDnQqKpndU4AvqcBepw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ads
googleads.g.doubleclick.net/pagead/ Frame CA16
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7473147615149663&output=html&h=280&adk=3381294843&adf=3315553061&pi=t.aa~a.2398693436~rp.4&w=1098&abgtt=6&fwrn=4&fwrnh=100&lmt=1730092000&rafmt=1&to=qs&pwprc=4326259970&format=1098x280&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730092000267&bpp=1&bdt=2299&idt=-M&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e88f325354f48e0%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZTU4pNYx6ZTjT7lj88J17YBNQ3Tw&gpic=UID%3D00000f3b42a66de9%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZffMKW423PsF8pbldT3TC8y_gCww&eo_id_str=ID%3Ded36dac772494a41%3AT%3D1730091999%3ART%3D1730091999%3AS%3DAA-AfjbHDvlSDIebK2WIgaR-0TkR&prev_fmts=0x0%2C300x250%2C160x600%2C1098x280&nras=2&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:40 GMT
expires
Mon, 28 Oct 2024 05:06:40 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D3C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7473147615149663&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730092000&rafmt=1&to=qs&pwprc=4326259970&format=1200x90&url=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730092000267&bpp=1&bdt=2298&idt=1&shv=r20241023&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e88f325354f48e0%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZTU4pNYx6ZTjT7lj88J17YBNQ3Tw&gpic=UID%3D00000f3b42a66de9%3AT%3D1730091999%3ART%3D1730091999%3AS%3DALNI_MZffMKW423PsF8pbldT3TC8y_gCww&eo_id_str=ID%3Ded36dac772494a41%3AT%3D1730091999%3ART%3D1730091999%3AS%3DAA-AfjbHDvlSDIebK2WIgaR-0TkR&prev_fmts=0x0%2C300x250%2C160x600%2C1098x280%2C1098x280&nras=3&correlator=3523258617219&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31087700%2C95331833%2C95344189%2C95345271%2C31088452%2C95335245%2C95344978%2C95345788&oid=2&pvsid=1065407920779712&tmod=183371939&uas=0&nvt=1&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:40 GMT
expires
Mon, 28 Oct 2024 05:06:40 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
362 B
259 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.o.vg&client=partner-pub-7473147615149663&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
ae29500e1e530e7538091bb365878dbb688d605f1d620b4efc03d2bed0c8e2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
private
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
237
date
Mon, 28 Oct 2024 05:06:40 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame 7260
0
0
Document
General
Full URL
https://syndicatedsearch.goog/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-8e2a39cc4eb9d469f&fexp=95342162%2C21404%2C17301431%2C17301432%2C17301436%2C17301542%2C17301266%2C72717108&client=pub-7473147615149663&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=4421730092000512&num=0&output=afd_ads&domain_name=www.o.vg&v=3&bsl=10&pac=0&u_his=2&u_tz=-420&dt=1730092000513&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3372&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&nfp=1&jsv=688160506&rurl=https%3A%2F%2Fwww.o.vg%2Funit%2Fenergy%2Fajtokj.php
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-mLnjXxgJqorBeF_3M4FITg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
596
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-mLnjXxgJqorBeF_3M4FITg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 28 Oct 2024 05:06:40 GMT
expires
Mon, 28 Oct 2024 05:06:40 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
collect
v.clarity.ms/
0
272 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.o.vg/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://www.o.vg
Date
Mon, 28 Oct 2024 05:06:40 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
AGSKWxWhXF-3Yfk5p_7Ry3if91a-V7OMS-d8TLPe2-mp7ODA7vmrig0_it2HDKpexrXBLDaMdQ--wbLEfafD2kbKfY6gmOGEih-WYzI2gvwx-kmrpkEmGGizraWbyELGScIYp1jOFo3cIQ==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWhXF-3Yfk5p_7Ry3if91a-V7OMS-d8TLPe2-mp7ODA7vmrig0_it2HDKpexrXBLDaMdQ--wbLEfafD2kbKfY6gmOGEih-WYzI2gvwx-kmrpkEmGGizraWbyELGScIYp1jOFo3cIQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDkyMDAwLDU1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3Lm8udmcvdW5pdC9lbmVyZ3kvYWp0b2tqLnBocCIsbnVsbCxbWzgsIlo3ZnhWeldjSEs0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OV0sMTIsMl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
6254bfe562a4b8e0c5acf34216fd0ae224ccd1116bdfbb2725a5a52e4e1f9efb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wADHMVR_Ppz5NvUPIPojEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBwPtv_ZwSbwY-OfFUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA_SlJ5A"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wADHMVR_Ppz5NvUPIPojEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
8ba9c1eee5fa66f73adb5778df8465e739107cf2e74fef6c01bc7de71b7a2622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12846
date
Mon, 28 Oct 2024 05:06:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&RedC=c.clarity.ms&MXFR=02F460801D3F693839DE75A6193F67BD
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&MUID=05285B2A2C236991093B4E0C2DF568BC
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&MUID=05285B2A2C236991093B4E0C2DF568BC
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 28 Oct 2024 05:06:40 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=097F82107DD047F2BBE433EDC822BC26&MUID=05285B2A2C236991093B4E0C2DF568BC
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AE8ACB333294014809A4D4F9EED7547 Ref B: YMQ01EDGE0320 Ref C: 2024-10-28T05:06:41Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 28 Oct 2024 05:06:40 GMT
x-powered-by
ASP.NET
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfns&evt=place&vh=1200&eid=95342162&hl=en&pvc=1065407920779712
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 28 Oct 2024 05:06:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
www.o.vg/templates/images/
112 KB
112 KB
Other
General
Full URL
https://www.o.vg/templates/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc61104ad15c058b704c7f3cdcb515213ef7e27ddf207f8fd625402d0d89a50a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/unit/energy/ajtokj.php

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"1bf0d-5f35f25662441-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AET6gFTzh3g8LQCkrOMl0AqGgZhSMWoEq8tZDFfav74Jx7G6GH25s%2Bld%2F8O%2Bqu2%2BsxIWg%2FbWo2vTj4JTbpgKTrJSNiY67rCatXmZMfBrYjEgkwIRFmn8Ha8v5w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 28 Oct 2025 05:06:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22828&sent=260&recv=140&lost=1&retrans=1&sent_bytes=278252&recv_bytes=12496&delivery_rate=1496295&cwnd=39840&unsent_bytes=0&cid=4ad1673364967b7b&ts=4660&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
image/x-icon
last-modified
Sun, 29 Jan 2023 04:00:58 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d9865dd3e8caa9e-YYZ
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:06:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame EEFC
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 04:25:02 GMT
expires
Mon, 28 Oct 2024 05:15:02 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E403
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f99.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mrWxG1eBqIfhnuhkEMnfGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.o.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mrWxG1eBqIfhnuhkEMnfGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Oct 2024 05:06:41 GMT
expires
Mon, 28 Oct 2024 05:06:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
adrectanglebanner
fundingchoicesmessages.google.com/f/AGSKWxWp289_wUFvl6E690TBg9JkKqQT0MHXBmf-nO4NqMHSnNlqAfMJ_Gpxq57Rl9GCSZbB9Ui6tP0plJKtaxf3uk9lDoj5TER--d2B6KU-07_IMhve1wIqF-5vGeIIYt4qAdDttkwIGW4sNQxRX7VAIQTiOlhCB...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWp289_wUFvl6E690TBg9JkKqQT0MHXBmf-nO4NqMHSnNlqAfMJ_Gpxq57Rl9GCSZbB9Ui6tP0plJKtaxf3uk9lDoj5TER--d2B6KU-07_IMhve1wIqF-5vGeIIYt4qAdDttkwIGW4sNQxRX7VAIQTiOlhCBVQE3NaG9O8wU_R2Y9bSuIRw4JQefN6S/_/insideAD./advertisingbanner./adrectanglebanner?/adchain./googleleader.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxuVcR4z_ar3ILCbuu4kOfZio42Ig/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
52a0288b7a6a5b906865bfb2585cea3a8f81510fa562ade43609b53d0f1fdc5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bw275pzZjbdclpDuk2seHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBwPt__ZwSYwYde8iYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYAy9NI_w"
content-security-policy
script-src 'report-sample' 'nonce-Bw275pzZjbdclpDuk2seHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/
72 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxuVcR4z_ar3ILCbuu4kOfZio42Ig/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f155.1e100.net
Software
cafe /
Resource Hash
bf094d00db2d1bb8f61c37e20ac54c92769ed8c54dc466da589d1960ab647cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
br
etag
960435362783967794
age
3252
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 05:12:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 28 Oct 2024 04:12:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26764
x-xss-protection
0
server
cafe
AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CV-nxMkiiIjLBV5EciWSlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gQPL50xiVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAGdLLic"
content-security-policy
script-src 'report-sample' 'nonce-CV-nxMkiiIjLBV5EciWSlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bs40dMnkkGwNDuibR9szeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gQn3ly1jVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAHf9Llo"
content-security-policy
script-src 'report-sample' 'nonce-bs40dMnkkGwNDuibR9szeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XA6WSxM0Jf3TTB9rQxjVNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gQNvpm1jVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAIQfLos"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XA6WSxM0Jf3TTB9rQxjVNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J5mrMmcWKHiCV8PvVzQRlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gRvH3-5gVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAJ2ULt8"
content-security-policy
script-src 'report-sample' 'nonce-J5mrMmcWKHiCV8PvVzQRlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVla8WkDXsTtr99J245nTPya15GiCSQlL9gGcCVwQxyHe1-Kor3kvWZaTvvRR7UFXnRiOLROnzVzkEJq77oNWazR9wJr2jvdJrBcmScrjT0pHRI2atlGBlrbrYZvnGRq5Sx_Qtcpw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVla8WkDXsTtr99J245nTPya15GiCSQlL9gGcCVwQxyHe1-Kor3kvWZaTvvRR7UFXnRiOLROnzVzkEJq77oNWazR9wJr2jvdJrBcmScrjT0pHRI2atlGBlrbrYZvnGRq5Sx_Qtcpw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDkyMDAxLDMzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuby52Zy91bml0L2VuZXJneS9hanRva2oucGhwIixudWxsLFtbOCwiWjdmeFZ6V2NISzQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY5XSwxMiwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
c4dad74e36a6bdd1cee3cb582b9dd4ba7df867a9e07eaa5bb63acb46cbf8e33e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6VhxzFh0_Cac8_NZpncPDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.o.vg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBwPt__ZwSbw4NPjtYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA_ZRJ9A"
content-security-policy
script-src 'report-sample' 'nonce-6VhxzFh0_Cac8_NZpncPDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUeEGetw4vBC5ZhVh7ZOXNQSiQG4CjZlGdq27FirymDg3ewBuM242sqMaGOfrDrBbEywIEE-YNZkV6wQtz1v-F4N66KE55QJHELlUoorkLlc5mb2HQwzSR0U6i7M9HysM9N1TXoug==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUeEGetw4vBC5ZhVh7ZOXNQSiQG4CjZlGdq27FirymDg3ewBuM242sqMaGOfrDrBbEywIEE-YNZkV6wQtz1v-F4N66KE55QJHELlUoorkLlc5mb2HQwzSR0U6i7M9HysM9N1TXoug==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I9i9b_SJ085cG6vLBLm9ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gY5Zp44zKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAHRPLlA"
content-security-policy
script-src 'report-sample' 'nonce-I9i9b_SJ085cG6vLBLm9ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBtZeUuCpgqM1Bc1XSy_zp6I0mvWoMjkCDqhpsy0MCNXFhJsSg9gw24xOD-FCHFIaItn0hx9H-VbtrXM0Doz5tm6m2imv0bpyK2AxDZaeB1OzD55ddA3kU3iRSButzEyCOxiVxQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pffpvUayicexqmZMsYi-ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.o.vg/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 05:06:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheLj9zw42gRnHzl9nVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAIwcLqI"
content-security-policy
script-src 'report-sample' 'nonce-pffpvUayicexqmZMsYi-ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.o.vg
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/
0
0

collect
v.clarity.ms/
0
272 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.o.vg/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://www.o.vg
Date
Mon, 28 Oct 2024 05:06:42 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=1065407920779712&bg=!Dg2lDULNAAZ-RxQpXkc7ADQBe5WfOGKA0_w1PfDEyMgQbaxuBIFKYF77ePky7beJdsVA4LJ3E-SKN9lBqieYmiB0u4YdAgAAAE5SAAAABGgBB34ANvVL2rZGQj-KrCDYdii2moy0SjwTgGLJQ_zlOtrk5GZBZkYR4BrAnLmaSYsIbD0v1iqqfK573ZkChMDY8mATuvySkiLJtkFIbIUqkXRRZQ_9Kf98QGFIkBYAOhLtzDewKTUJ4klwOqtWDKZh1D6CfKFnHCZUSumLa0ODinBM_fCYJOxAXeRtS4_CfeKvEGPcJ5qORceL8OzsWSpNa8AHJL3RSha1dQQpJOBPGa4yAb9Uctzx-jrLSGqVnrQIQCC9JWacK_RvQ6wxKx3jaGIU8NWsHuE-5rqd-BryYVgTlzAQYfwo_qRM3sBV_ZuWNja3025V6KeNWW_vgK_35EOvatdJbCeyVNu0O2W09itBhgDQq_veC08TrRLuwKFyiLCy65xhvXPaYIK2vXQQ0oPRCA_9nL3bLjx1psoz_Oyo9NPP7pKOiVfI6yZs5thQcyYCpHtXJfFQMKx-2JZtsCLY7wtAeFSSq9RKnCQzIYGsAW5DF8wbPoIAju444i-vWKmAQ3UmaQZsNiPkyzUEy7_yCZpeR0GIT5fUcq5waoEFXnHp6DTBIuxTwtsIsrazWQSXhZnsGJu-LOEzPZHXII1i00cWiswNg0E8XvPShI5cXlyyxY0XJtLF8br8RZsm9dH3Fsvzd3eoExLTtFm0BFsEVyqKJqH_VrtpUll7uv9gbn5NAx7LzHGtirCZvSFYYKCs4DM61rXv5PCKEJ2zbfzEvS3gs1flrjtUCqJV49wAUXvwhdYFWpghJ7BsWfK1s9gJUaU8ougUKgD-lhetRR9Ah9nt0UdE4Y-v6j731ffAX0MxjHfRbBR2p_AHHA4IkPzHcHRSBd2kkXXbKeTHNKI5RQ1fYcsjEcP0osnHhz4zYv1KmOojjq9cvgYigcIyX6yNrkrK5rVUqR9IWTHIMN_Xl_ifhtjAcV36q1zX6sTh

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| fixed function| lfixsci function| lfixed function| lfix function| afocus object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| clarity string| calculator string| category object| adsbygoogle string| shortu1 string| shortu2 string| u1 string| u2 string| u1uc string| u2uc number| unit number| unit2 object| sg1 object| sg2 function| csclear function| csclear2 function| csclear3 function| isNum function| cscheck function| calcs2 function| undo function| redo function| calcs function| revs number| num1 number| num2 number| num3 number| num4 number| num5 number| num6 string| result string| result3 string| result2 string| result4 number| result5 number| result6 function| $ function| jQuery function| tootip object| __SENTRY__ function| Cookies object| Toastr function| tippy string| site object| _tippyInstances function| tools function| ilove_openSocialAuthPopup object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googTempStyleOverrideInfo object| googNavStack function| _googCsa object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MWNjM2I3ZWM0Mzk2YjYxY2xvYWRlcl9qcw== string| MWNjM2I3ZWM0Mzk2YjYxY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| GoogleGcLKhOms object| _google_rum_ns_ boolean| 79b547c3-a77d-48ea-b4fd-756b53d46f0b

18 Cookies

Domain/Path Name / Value
.o.vg/ Name: _ga
Value: GA1.1.891228708.1730091999
.o.vg/ Name: _ga_EGB8WF7XN7
Value: GS1.1.1730091999.1.0.1730091999.0.0.0
www.clarity.ms/ Name: CLID
Value: 86878808ec9b4d49b6c6659fc7056132.20241028.20251028
.o.vg/ Name: _clck
Value: 1q5ntnm%7C2%7Cfqe%7C0%7C1762
.o.vg/ Name: _clsk
Value: 8yj3gm%7C1730091999692%7C1%7C1%7Cv.clarity.ms%2Fcollect
.o.vg/ Name: __gads
Value: ID=4e88f325354f48e0:T=1730091999:RT=1730091999:S=ALNI_MZTU4pNYx6ZTjT7lj88J17YBNQ3Tw
.o.vg/ Name: __gpi
Value: UID=00000f3b42a66de9:T=1730091999:RT=1730091999:S=ALNI_MZffMKW423PsF8pbldT3TC8y_gCww
.o.vg/ Name: __eoi
Value: ID=ed36dac772494a41:T=1730091999:RT=1730091999:S=AA-AfjbHDvlSDIebK2WIgaR-0TkR
.o.vg/ Name: __gsas
Value: ID=e782e84cd56d3e79:T=1730092000:RT=1730092000:S=ALNI_MazQjKjOlyjypNeZB990geo7xJ78Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnDfTYLxFmeqEQkbb09MGzyACLrnj6X2tECVHvv4gwKkJDG3ogjkSlpWhaz6yk
.bing.com/ Name: MUID
Value: 05285B2A2C236991093B4E0C2DF568BC
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 05285B2A2C236991093B4E0C2DF568BC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 05285B2A2C236991093B4E0C2DF568BC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.o.vg/ Name: FCNEC
Value: %5B%5B%22AKsRol-eljFIz1VDuFdpFG9xEEvPcKAswQtAUasXQADeCz2OYJo5dwZyiMM8qKbkgJrAU8h55OeQdKe_1ouyg-MoUAleWbUniUWpRFg_NM2AUSTyPYUZwdWZkypTK2HwDG9yoO9mtnXYgpgMXpyY2kSWDLC_B7ja6w%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
o.vg
pagead2.googlesyndication.com
partner.googleadservices.com
syndicatedsearch.goog
v.clarity.ms
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.o.vg
ep1.adtrafficquality.google
142.250.31.104
142.250.31.99
142.251.16.157
142.251.179.154
172.217.222.155
172.253.115.156
172.67.167.140
173.194.205.138
20.110.205.119
20.114.189.135
2606:4700:3037::6815:4a11
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c1b::8a
2607:f8b0:4004:c21::66
2607:f8b0:400d:c03::84
2607:f8b0:400d:c09::61
2620:1ec:bdf::41
2620:1ec:c11::237
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
17757bd29b73d957072f70c2bf096d3c7200b900230d42573cfc39fc86e80b1d
52a0288b7a6a5b906865bfb2585cea3a8f81510fa562ade43609b53d0f1fdc5f
6254bfe562a4b8e0c5acf34216fd0ae224ccd1116bdfbb2725a5a52e4e1f9efb
7bd7d890d0bcf0ab6689498ca02aa14ee3fca8ad5d247f5add91a3232097276d
7e2d18beec33aae56d894239f6961d93049189e10ee5708ff4089a6034ded740
7f5235d9653cb1493a0a5534b9a1e16036a6dd49ff1559c321592182e3d04c89
8065f38511e2f2c8c16d21b04340b149b675e879a229b09cf898025dd1e74ea9
8ba9c1eee5fa66f73adb5778df8465e739107cf2e74fef6c01bc7de71b7a2622
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ae29500e1e530e7538091bb365878dbb688d605f1d620b4efc03d2bed0c8e2c5
b1c7b91b9e60c4d59949551b54b1386b6bcae728914eeecb66a1ef60cd8eaa80
bc61104ad15c058b704c7f3cdcb515213ef7e27ddf207f8fd625402d0d89a50a
bc68d6c80aa544258d614d80eab7b54d7f86e4408ab88606bc1463f8739655b1
bf094d00db2d1bb8f61c37e20ac54c92769ed8c54dc466da589d1960ab647cbf
c4dad74e36a6bdd1cee3cb582b9dd4ba7df867a9e07eaa5bb63acb46cbf8e33e
c98800d3ea5988d7b298533c0c46ca2b8b9b91b011ab6d1f8b912c4fd652b1e3
cb6571bb04c1ce4af7040588ba17f433eb42b10d215b5f04f696de649f828c98
ce7c13472ab95ddad809207956bb1ddcf4c7429ca9cc89ff61e567b6c0bf3df4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d0893747c641c1ed2ee9702e74b96a60d4ba63b380b2eaeb0f9c26de8c0b51
f66de7ec1b93cc99c981aae483e917310ae0b37be9fd06b385cbb1ab1b5a7932
fca4bb105f114508090fb985557d1380f33c873c175c6e113c288b946017ae15
fec3940b162ceb1db79a59f64358ba5b7d242a6eb863190a95048b4914a8905b
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99