dev.ataaofsoru.com Open in urlscan Pro
2606:4700:3032::6815:2ebb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dev.ataaofsoru.com/
Submission: On December 26 via api (December 26th 2023, 1:31:19 pm UTC) from US — Scanned from US

Summary HTTP 51 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3032::6815:2ebb, located in United States and belongs to CLOUDFLARENET, US. The main domain is dev.ataaofsoru.com.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2023. Valid for: 3 months.

This is the only time dev.ataaofsoru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::6815:2ebb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:d53a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:c0d::78	15169 (GOOGLE) (GOOGLE)
51	13

12 2606:4700:3032::6815:2ebb (United States)

ASN13335 (CLOUDFLARENET, US)

dev.ataaofsoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d53a (United States)

ASN13335 (CLOUDFLARENET, US)

aofsoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:c0d::78 (Las Vegas, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	72 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	251 KB
12	ataaofsoru.com dev.ataaofsoru.com	230 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	174 KB
3	gstatic.com www.gstatic.com csi.gstatic.com	18 KB
2	aofsoru.com aofsoru.com	16 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
51	8

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	dev.ataaofsoru.com	dev.ataaofsoru.com
8	pagead2.googlesyndication.com	dev.ataaofsoru.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	dev.ataaofsoru.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.gstatic.com	dev.ataaofsoru.com
2	aofsoru.com	dev.ataaofsoru.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	dev.ataaofsoru.com
51	13

This site contains links to these domains. Also see Links.

Domain
aofsoru.com
aolsoru.com
aoosoru.com
apps.apple.com
play.google.com
ataaofsoru.com

Subject Issuer	Validity	Valid
ataaofsoru.com GTS CA 1P5	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
aofsoru.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dev.ataaofsoru.com/
Frame ID: 3C10AA321AF5288A3DFBE8F821EA1400
Requests: 43 HTTP requests in this frame

Frame: https://c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 08994A7E6DE041039F33DF8E33977D7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 120718ABFD86FE868F965533C8A7FBB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3095732206138064&output=html&adk=1812271804&adf=3025194257&lmt=1703597475&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fdev.ataaofsoru.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703597474831&bpp=4&bdt=1165&idt=220&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9877629dd51566b%3AT%3D1703597474%3ART%3D1703597474%3AS%3DALNI_MZW7KdDBOdg2EGlnHNCE8Ru8mvNug&gpic=UID%3D00000a04d97258df%3AT%3D1703597474%3ART%3D1703597474%3AS%3DALNI_Ma9fg1OOvS4ixS39AgxJ9mrrDipfw&nras=1&correlator=7673856960847&frm=20&pv=2&ga_vid=259399495.1703597475&ga_sid=1703597475&ga_hid=343978104&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C44809004%2C95320869%2C95320884&oid=2&pvsid=1692051310429433&tmod=1372904621&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=254
Frame ID: 492BE1AC6EDFBE42E539695DA6605D8B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 759C494BF3F5A840752822A4C162FA90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DEBF75C1E8E9B1E9E035EC59CF047E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Çıkmış Sorular, Ders Notları ve Özetleri, Online Deneme Sınavları

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

13
Subdomains

13
IPs

1
Countries

839 kB
Transfer

2371 kB
Size

6
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://aofsoru.com/
Title: AÖF - Anadolu Üniversitesi

Search URL Search Domain Scan URL

URL: https://aolsoru.com/
Title: AÖL - Açık Lise

Search URL Search Domain Scan URL

URL: https://aoosoru.com/
Title: AÖO - Açık Ortaokul

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/id6450175457

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ataaofsoru

Search URL Search Domain Scan URL

URL: https://ataaofsoru.com/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aofsoru

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/id1481651650

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aolsoru

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/id1491778239

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aoosoru

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/id1497863718

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dev.ataaofsoru.com/ 32 KB
7 KB 646ms
372ms Document
text/html 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5165216efea4962063c2bce871b276969ea2c773fdc6149d951223448bc8180

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b9aed01e574bc7-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 13:31:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhbhK5%2BmMsEvAhlQdcO7bsZAMfArRLi4QrLRYouq2RXYjH7gQDm8H8gfsOf3ZrL%2F4sJkzpon3lm74UP0RkvauoygpNEqL3dayIvmNW6YsTWpF%2BA4vZuG6XV96%2FdNo8WsKpVpFvjyTPT96kX83NAzyu0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
dev.ataaofsoru.com/lib/bootstrap/dist/css/ 227 KB
33 KB 686ms
684ms Stylesheet
text/css 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/lib/bootstrap/dist/css/bootstrap.min.css?v=Fu5_PVNGJlC70y4mPEjA6nWVdPz2IMaBrXGQCJEsRho
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382e8d5f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXmUzDtdtYnmfUvFfBQmLSwQywGq0GtnagOTOoR7u2S2ZleM6MoJbHB9ou64xq%2F%2FacvCUV1mDvleh9IXWYpOMcTKzIHGug6EOJromXk9y2OJbRVCozTpZG44FvhNVRF2G1EDnQxVibyUUHwa9kYtBmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 83b9aed2884e4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-icons.min.css
dev.ataaofsoru.com/lib/bootstrap/dist/css/ 80 KB
13 KB 498ms
497ms Stylesheet
text/css 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/lib/bootstrap/dist/css/bootstrap-icons.min.css?v=BicZsQAhkGHIoR__IB2amPN5SrRb3fHB8tFsnqRAwnk
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062719b100219061c8a11fff201d9a98f3794ab45bddf1c1f2d16c9ea440c279

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382ea1910"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sui5kReZJqV6K%2FGTGTwSFatVLi0WUXzFe1rqojCF3eoDzxEIqGTuOHj6c%2FpUcTdOxfiW0Ofujd5DzEAuXxCGVQSQORiEeBxtlajzbF098Xoct5DBu04U24mPS6yqQyYfq8oSaM0RTTQkdn86dzQL25Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 83b9aed288514bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 site.css
dev.ataaofsoru.com/css/ 1 KB
894 B 237ms
237ms Stylesheet
text/css 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/css/site.css?v=HwI88D47BhDbpF2ZzfY4Ga1THbbtU_JcSSuOSNpf_Fw
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad5c63674dc81c2537a605ee33ef7eac98ae419af3795b7cdc32cb03d637e63c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382eb5cee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3010QKMcsGUeEYT0nzm2vrthtsqSHl%2FGtB1R%2B3%2Bfv6Pws6iDzHSDe3QVW6BYFESQJ4eQQ672W%2Fi30IuhgQgZsSqa%2Ft%2BSX1t%2FOuPDXgGc7jM7OEywmCV1%2FGecCo04LxGm49Ra4ki8H%2BDnUEcgPcyXboo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 83b9aed288534bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 ATAAOF_Web.styles.css
dev.ataaofsoru.com/ 1 KB
836 B 241ms
240ms Stylesheet
text/css 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/ATAAOF_Web.styles.css?v=RCTMPWdtlWa3n3Rrr17Rgehxrnspz-30JI7RD0gmirI
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4424cc3d676d9566b79f746baf5ed181e871ae7b29cfedf4248ed10f48268ab2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:01:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e39991b437"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxsLlrcwALkNBzy%2Fl6JYxKfSi8g%2FylDza6kEwtwVOGk7WMaXkiMwPrPJi1GqUrzzYG3rg5KXsOdv1E3rMjrxtg0SOTi3XOrfaSZRsQLF1EzI%2BrOfi8qWhB2u2dl6uIIDoK0l6%2BYXiphmtdvfsNQSblA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 83b9aed288564bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 smartbanner.css
dev.ataaofsoru.com/smartbanner/ 4 KB
1 KB 237ms
236ms Stylesheet
text/css 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/smartbanner/smartbanner.css?v=WAmcuDJoByaQl9gfUwPdfA2RIjbsD6JJY6DAW0owGRs
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58099cb8326807269097d81f5303dd7c0d912236ec0fa24963a0c05b4a30191b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382eb57ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk95UqRyvNLKH0BCYwdpsMtqZjDoZTRXRHn9anFbl7ehgErYbwjMh7mIAFmzlZP%2Bp1FsEquz%2F7jrdeQHcYHKWxOmkaNPM0wDNq7PcgPKlSw4YVTvReOJsORug7NweEu9zKVsXhSuHH4wenKJo4RuJWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 83b9aed288584bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 163ms
83ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

825ef229f2348e06e79d8ac3ac4d428208e744f3dd642bbef9172f2ca588a070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29100
x-xss-protection: 0
server: cafe
etag: 120 / 19717 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:31:14 GMT

GET
H2 200 app_icon_2x_ios.png
aofsoru.com/Content/assets/images/ 6 KB
7 KB 550ms
230ms Image
image/png 2606:4700:3031::ac43:d53a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aofsoru.com/Content/assets/images/app_icon_2x_ios.png
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d53a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3075a75fefa88b4268e5ef16ae51b4c0e979ffd4de9912cb70e12a026ff452b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6566
last-modified: Fri, 01 Dec 2023 11:33:46 GMT
server: cloudflare
etag: "5514ec3e4a24da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl1Fr7iIgZn2T4jnnxxBMefnWOKQhvJ9pezG3XjNOQww7gB%2FNNYxklnhpkizSntoQb2I0cJJE%2FYkWNPRCkipSHvABYy4anqVq8hht5F9ivalkHZQC4IUnLan7qGs7jYskeZreqSWf0huPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-server: ns3
accept-ranges: bytes
cf-ray: 83b9aed48e064bc3-BUF

GET
H2 200 app_icon_2x_android.png
aofsoru.com/Content/assets/images/ 8 KB
9 KB 546ms
226ms Image
image/png 2606:4700:3031::ac43:d53a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aofsoru.com/Content/assets/images/app_icon_2x_android.png
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d53a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86a3115c4b1dcf8824e068ee336cbc6f384740409ea30812393c31f105db2da0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8554
last-modified: Fri, 01 Dec 2023 11:33:46 GMT
server: cloudflare
etag: "2b31fd3e4a24da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSsH2hc03%2F14p7DB%2FRVZR1jB4FgITwzXGW75OeBYFmj3sYtdzy72rW%2B9dLxfFiXtG1JoZi4tovU%2Fkmtq1J%2B7I04gYFlN9%2FR1WiFIChiOQSXtOftOi%2BqrlXh0swRNa4VQgHMSe2Xq94q7EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-server: ns3
accept-ranges: bytes
cf-ray: 83b9aed48e054bc3-BUF

GET
H3 200 jquery.min.js Show response
dev.ataaofsoru.com/lib/jquery/dist/ 87 KB
32 KB 547ms
547ms Script
text/javascript 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/lib/jquery/dist/jquery.min.js?v=_xUj-3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej_m4
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382ea049d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH0VJDFfjNfQJInMS8T0GOQBlBOEgdbRbG4Z9FBPralzR%2BTyeJLi%2BZF5nqpKAwXVvB%2BgteUyHXqWhB30a%2BK2oevJuho8jovSgHMVrVRS%2FhnNKFcJ6I72OljMZgLHKH0KQ1TpWH2mGY56pAH%2Fk2Y3LJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 83b9aed5fbff4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
dev.ataaofsoru.com/lib/bootstrap/dist/js/ 59 KB
17 KB 465ms
464ms Script
text/javascript 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/lib/bootstrap/dist/js/bootstrap.min.js?v=QucgBAKNM4KKPJHqTfH8e-JON1G_gmPPqtMmBb-wHpc
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e72004028d33828a3c91ea4df1fc7be24e3751bf8263cfaad32605bfb01e97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382ebb559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2F3YjZb%2FPlN2ci2r%2FYAWghNXcExA9brsdxkE2qn%2F3ZqNrI6iJKDQ7%2BPiszOz9JpritVMDdW%2BKmSsH2D5%2BDyPMn1ynoLodBZFOVwT%2Fo3%2BqbL6riSkPqfDNt4DVKCBAvqGIbjO2AZqkOYm7JRZUibTVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 83b9aed5fc004bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 site.js Show response
dev.ataaofsoru.com/js/ 227 B
678 B 232ms
231ms Script
text/javascript 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/js/site.js?v=ZuuafqFPrVRBKcjc9nVnUgldbE3hS3GG5WeZxe6SIR0
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b4fd31174f873dce8e3fb42437b2f13304c6ac5fbbaba96293c223ff709256f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382eb59e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hY4PsDNyXSxoeaSkwfjSkg6hweQccORkOC7%2FILXCNgjNExAxiMGSfogcXNNBP0Zp6nrpPqC%2FcMqi%2BzuzmIc1312A9e4l5TPEfrOTEdn9CnOCBNJITw1bpSOL5GDYG8EuN0jFNjhGC3cuYa6GbdMC%2Fco%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 83b9aed6dcfa4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 141ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ef64a53094cc06f1525bd5672f44146e4f4c317fc00f9771850b1bb8a9d4b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
Origin: https://dev.ataaofsoru.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51281
x-xss-protection: 0
server: cafe
etag: 16086165814941697019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:31:14 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.10.1/ 22 KB
7 KB 107ms
29ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.1/firebase-app.js

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7928369a406440002cb4b79ce79e2374bb580a6f189a16db2e400cdfa80e3130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7003
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 20:19:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 20:30:17 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.10.1/ 40 KB
11 KB 103ms
25ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.1/firebase-messaging.js

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 19:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10881
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 20:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 19:09:35 GMT

GET
H3 200 init-firebase.js Show response
dev.ataaofsoru.com/js/ 2 KB
1 KB 232ms
231ms Script
text/javascript 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/js/init-firebase.js?v=R7nrv7yme6n59nHxT_rCzDf0uRWb7CkQ_7bSy2mCeYI
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d843f7f903adb7196d9ac541adf8099e0bed0d90e7d511de1563ec68a4fa32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382eb50c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7QJuAOGGp5mqM%2F1HMriqMKxeoGBsaBvM6Sarvd4CEQSAst5Lex3pyKBpmjODS3Rjfjgkeyimf8%2FFfdTbapsB3TJJU0rcNpSX072kbxYqwfNB%2FN00Jej16190q%2F%2FCZ%2FJT8CNsRenxffXrwmrPcUEJxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 83b9aed6dcff4bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 smartbanner.js Show response
dev.ataaofsoru.com/smartbanner/ 20 KB
5 KB 362ms
361ms Script
text/javascript 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/smartbanner/smartbanner.js?v=qXbn4kY7N6C2vhS5J3LdGGRuG0myVQ7c_chGCTtyjME
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a976e7e2463b37a0b6be14b92772dd18646e1b49b2550edcfdc846093b728cc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da28e382eb0809"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvHBpB2n5AI98sKTxfCfaH75b9obCoxqtN8WbU5xuMkvmqKvkN8pVg198eK8ry89S6Ac9rrw8HQRvP4xJcmjwkXk2FtDFexOgobZRi6wp0cwDzz9svy6FRZ2jm21AVkgX6VvfTgAjxhjI%2FPThnxgBIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 83b9aed6dd004bc7-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 135ms
56ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9XD9JRYZTL

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e3322ddc8988c722310c4e35018f3afb5c1de23d286188a45b3d4c10e40c811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 13:31:14 GMT

GET
H3 200 bootstrap-icons.woff2
dev.ataaofsoru.com/lib/bootstrap/dist/css/fonts/ 118 KB
119 KB 546ms
546ms Font
font/woff2 2606:4700:3032::6815:2ebb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.ataaofsoru.com/lib/bootstrap/dist/css/fonts/bootstrap-icons.woff2?1fa40e8900654d2863d011707b9fb6f2
Requested by: Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/lib/bootstrap/dist/css/bootstrap-icons.min.css?v=BicZsQAhkGHIoR__IB2amPN5SrRb3fHB8tFsnqRAwnk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2ebb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f

Request headers

Referer: https://dev.ataaofsoru.com/lib/bootstrap/dist/css/bootstrap-icons.min.css?v=BicZsQAhkGHIoR__IB2amPN5SrRb3fHB8tFsnqRAwnk
Origin: https://dev.ataaofsoru.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Dec 2023 08:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1da28e382ea80fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I96Nn9drPxAz%2BOFcK2B3KPpocbGGxlGnk3F7s72L%2BhHJZ3TqaSATjuHg4nUTLRdg76%2BAsMHv0NWsQIDWKgyuNaq%2BKMYeSgMqEbMFX5mqn1ZTpmXw5aVKSsyYnyoYUS%2BFpcLgHmyiFmquSpmMcXfXJUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 83b9aed6ed024bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 121340

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 25 Dec 2024 13:29:43 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
459 B 273ms
272ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1692051310429433&correlator=2747581056593611&eid=31079957%2C31080121%2C95320408%2C31079525&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=115608474%2CATAAOFSoru_Web_Masthead_Smart%2CATAAOFSoru_Web_Pageskin_Left_Smart%2CATAAOFSoru_Web_Question_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%7C728x90%7C468x60%2C300x600%2C480x320%7C336x280%7C300x250%7C250x250%7C234x60%7C320x480%7C300x600%7C240x400%7C300x100%7C468x60%7C320x50&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703597474696&lmt=1703597474&adxs=332%2C0%2C-9&adys=178%2C85%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdev.ataaofsoru.com%2F&vis=1&psz=960x1598%7C1600x1848%7C0x-1&msz=936x0%7C300x-1%7C0x-1&fws=0%2C512%2C2&ohw=0%2C0%2C0&ga_vid=259399495.1703597475&ga_sid=1703597475&ga_hid=343978104&ga_fc=false&dlt=1703597473666&idt=987&adks=2332153190%2C883679270%2C871596395&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ad5d234189d1a8f7ecf49b71fd25d9a65b7c150ba4d294e75b08691c907edde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 428
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dev.ataaofsoru.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0899 6 KB
3 KB 135ms
43ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 13:31:14 GMT
expires: Wed, 25 Dec 2024 13:31:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 127ms
74ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 5399571436788735572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:31:14 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 1207 9 KB
4 KB 83ms
25ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 62650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:07:04 GMT
etag: 17470903016016266172
expires: Mon, 08 Jan 2024 20:07:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 102ms
37ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9XD9JRYZTL&gtm=45je3bt0v9123674594&_p=1703597474811&gcd=11l1l1l1l1&dma=0&cid=259399495.1703597475&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703597474&sct=1&seg=0&dl=https%3A%2F%2Fdev.ataaofsoru.com%2F&dt=%C3%87%C4%B1km%C4%B1%C5%9F%20Sorular%2C%20Ders%20Notlar%C4%B1%20ve%20%C3%96zetleri%2C%20Online%20Deneme%20S%C4%B1navlar%C4%B1&en=page_view&_fv=1&_ss=2&_ee=1&tfd=1909
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9XD9JRYZTL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 13:31:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dev.ataaofsoru.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 492B 11 KB
5 KB 326ms
324ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3095732206138064&output=html&adk=1812271804&adf=3025194257&lmt=1703597475&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fdev.ataaofsoru.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703597474831&bpp=4&bdt=1165&idt=220&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9877629dd51566b%3AT%3D1703597474%3ART%3D1703597474%3AS%3DALNI_MZW7KdDBOdg2EGlnHNCE8Ru8mvNug&gpic=UID%3D00000a04d97258df%3AT%3D1703597474%3ART%3D1703597474%3AS%3DALNI_Ma9fg1OOvS4ixS39AgxJ9mrrDipfw&nras=1&correlator=7673856960847&frm=20&pv=2&ga_vid=259399495.1703597475&ga_sid=1703597475&ga_hid=343978104&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C44795922%2C44809004%2C95320869%2C95320884&oid=2&pvsid=1692051310429433&tmod=1372904621&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6885f85d2c4c63e6c1fae02be673e894f5599f6da1246f26c1e77aae41052f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 13:31:15 GMT
expires: Tue, 26 Dec 2023 13:31:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
50ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: dev.ataaofsoru.com
URL: https://dev.ataaofsoru.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 13:31:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-3095732206138064 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 134ms
68ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3095732206138064?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32773d1b80fd92a00f7ea30fd5ef4dc7f029aeebfce57ac27c4dc1016bf73211

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gdUDvzoqcosfLk3UEEOYiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-gdUDvzoqcosfLk3UEEOYiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX-XGfIxdPaniWfTh1tce5jnMDT23cPnmPa4rbTYgf-H-3W2D8fEHMy7UFS1si8Huuwq3ef428nVIrUMXnC6aoNeoJc4fcLH36KmBTDMFmZn-dzeb_5tOXF8TDj-BXCn0M0hlCVNA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
70ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX-XGfIxdPaniWfTh1tce5jnMDT23cPnmPa4rbTYgf-H-3W2D8fEHMy7UFS1si8Huuwq3ef428nVIrUMXnC6aoNeoJc4fcLH36KmBTDMFmZn-dzeb_5tOXF8TDj-BXCn0M0hlCVNA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTk3NDc1LDczMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kZXYuYXRhYW9mc29ydS5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

557cade6d5edde8d54fe61469fcbe512b72bd4a2d73566267194af16c5a9a73e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HOfaVvH-0VHXd6U2ZDg7CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-HOfaVvH-0VHXd6U2ZDg7CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU_QDGHHxAC18Omq2Xg7_SyXys8g3rS58pH_Cjar8JZiJfF5tjZk0rx02sRGF-sUv4fW1dvnIWUL41JMXIte1kjfNH2pkzPcGuod_DGcjyap59cgrDOpAG216UNbj3TydKLz4CAXQ== Show response
fundingchoicesmessages.google.com/f/ 14 KB
6 KB 88ms
86ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU_QDGHHxAC18Omq2Xg7_SyXys8g3rS58pH_Cjar8JZiJfF5tjZk0rx02sRGF-sUv4fW1dvnIWUL41JMXIte1kjfNH2pkzPcGuod_DGcjyap59cgrDOpAG216UNbj3TydKLz4CAXQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTk3NDc1LDgxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInRyIl0sImh0dHBzOi8vZGV2LmF0YWFvZnNvcnUuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f5d0246195d2860e46b1030711594edc0e0a962b073fc67f1b5fbebca776822

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pe1aSFtgD940LHFRDewlrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-pe1aSFtgD940LHFRDewlrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
59ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5406a60a13fe9af573847f27c3a65049c2eddcac785bbdb66d44b04e5869ce4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12241
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 105ms
47ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 13:31:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 759C 13 KB
5 KB 27ms
24ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 62522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:09:14 GMT
expires: Tue, 24 Dec 2024 20:09:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DEB 829 B
1 KB 102ms
45ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ecf9f47ed28e5bf3bbb4a9b466df38bd96cfeffa89c976c3fde985497eb823f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zks2lpPM3Chrw4RsYxF3Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev.ataaofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zks2lpPM3Chrw4RsYxF3Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 13:31:16 GMT
expires: Tue, 26 Dec 2023 13:31:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 759C 39 KB
15 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 20:09:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DEB 0
0 51ms
51ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1692051310429433&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 759C 0
10 B 25ms
24ms Image
text/plain 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HO-cPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1692051310429433&bg=!29il2JfNAAY3kmNgF5I7ADQBe5WfOGtARlqaYPEtnfFxNLA9LsTszdPpCGAXYHIrkZM35h1hZ0xVv1Q9E8gM7c3ofDgTAgAAAIVSAAAAA2gBB5kC-FpbsJVWHf5jB_x4aj3njtrT6YPROUJwqE0w50V3xqZGWCMB0wjZ6lARhnDpWa3GqN7JQEYQacjfOSXvmX0l81ZUTr7bg5TfBv-YPB21ndMgBQlGl0DNMa6sJqgJDg89pI9JitVGsuvCFLMqF1J37cCDBFgMGA58pdfQfsjoDsep9GkHv1kmKb9PpnL8d13soMqjDzNgmzlrhRsZJ9-h-lhj4hhv7mScFOA_WGHvzWr6ILmvoi4hxKIM1Ovbj4x1x499ULOuCHGK4Bd6206IPR49T8d-7ToCl0EaFmp77OmxECVvrbCS0CEy3npzapc4oOlIIrHD0r2_eslGOf1_j4oqtcW6Oae09fLcuS2excr1MkqsgGoLDkyeP06AHqgkd9TlMdp_pzrKEWm9BntmE27SJhp4EhRuL0gwgW89Q9FwlQoJCVHxVxMf8lqIq-M0k7bw1BEP1iuVvLLpIELRKNbL0GH5fYdaZU-EuHV4dBlQXirk7t-PMt9JNpLP6ya5WGn-IDYg8b5gN8Lkjs2owExpjOcDf8NyQHOdYW1Rh8LTQLSYtKkDCX-cAhX4T_HKtQssHqV3k2VUv_mDFLxGvqkgPoyXers2UUCAxWoT8e7ZhPRcGBtCppHhNwbAqtDAEUqSx5F3Xa-VKuKIAyR2vPRkeZ74wr_YZdJBaQh-6PSXMlEsu8q3PqY6CeoCWMCwsQWVyzVbypbv20Hsk_F0UY10GVa8LmfWwvyayfyqcn883y7F0gJhf071sUEbNo_MqcEVVLg4Q1kgBGHHKFP_LbA-TUYG-uJWMFFk4vVC3sGyV86Jyq4Wcwakn2XQVI9gzDvBcbs_MlXQEUkM6dwcB3N6tMBpUpU5wSpupKgbyp7KgKXa7SS2d1_TCqED7GdKo1vJEPQkl0HjP6sp6KNOqS78UtFQ9svhyV_xuZXAD1YIl9_5zBwUP1nXNr2e_3n9b_ajhYAMWTb0x0v81Mn_0cm2VA7Ere4H5FcXKi0xxp1XQgRvL4SQQOo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 50ms
49ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.0462562554216275

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KuSZAvBcUe2bhAxiAJVc_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-KuSZAvBcUe2bhAxiAJVc_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 48ms
47ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.07200197161317945

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TNICz_Uqk31JuOlepwsBpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-TNICz_Uqk31JuOlepwsBpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
45ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pFMXBFEPdY-Ej2dhoM9VpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pFMXBFEPdY-Ej2dhoM9VpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dev.ataaofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 newad Show response
fundingchoicesmessages.google.com/f/AGSKWxXa4mCDL9bAd1q8s0Sk1p4d0NEXVJeIEwG_o1aN7-NwGQXFHU7ASq9b19KAx0HjEtZBRD4ziGTlUtDlaPEJcOnZj-_bO36ZbBEcgEBTwayWnne-xgMf6J-KeCJmp3ocL6IeV2nCEU498bz9gv8B-Va4PDRAe... 54 B
109 B 50ms
48ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXa4mCDL9bAd1q8s0Sk1p4d0NEXVJeIEwG_o1aN7-NwGQXFHU7ASq9b19KAx0HjEtZBRD4ziGTlUtDlaPEJcOnZj-_bO36ZbBEcgEBTwayWnne-xgMf6J-KeCJmp3ocL6IeV2nCEU498bz9gv8B-Va4PDRAeiIbHXa8wfatGklS-mMNFrHLiZaCavZM/_/adsvc2./newad?/nd_affiliate./468x60./fastclick728.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08ab8210682d32f7c25d6b21c1c6cf185f6e8966f8850503909ac9a3a0abecd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oIAhhcB-U37HW7SHfHz_nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-oIAhhcB-U37HW7SHfHz_nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24502
x-xss-protection: 0
server: cafe
etag: 8172479049841164170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:11:33 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-reXpTReUfvnUivp8QVIJzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-reXpTReUfvnUivp8QVIJzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dev.ataaofsoru.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jRT-kLzrxpltrTcwZaQjfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-jRT-kLzrxpltrTcwZaQjfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dev.ataaofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
49ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sm7FANNZanu0whTxoHRxlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sm7FANNZanu0whTxoHRxlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dev.ataaofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8IxpWN_bKnJkD8IsLMdgJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8IxpWN_bKnJkD8IsLMdgJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dev.ataaofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVOkdRxHiJxBj8983Fz8yKYJ-EPHZBYfC1Vyn5hrdfkRWGIBhUAk0-AnNRK6LMyTHLw7OwdH-yKBRKXtWsn0HGkSVo7xWUxJ4NssI_W5qU_gti2LNKCfq_w4gKhrVXvDy-TvZ2g0Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOkdRxHiJxBj8983Fz8yKYJ-EPHZBYfC1Vyn5hrdfkRWGIBhUAk0-AnNRK6LMyTHLw7OwdH-yKBRKXtWsn0HGkSVo7xWUxJ4NssI_W5qU_gti2LNKCfq_w4gKhrVXvDy-TvZ2g0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTk3NDc3LDc4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwidHIiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kZXYuYXRhYW9mc29ydS5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0e3e3a5fb62f46f8e4638b3e920617fef80bac562eda4e2d15a68464cd15178

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ooy3IL-krXQod9HRaSR_1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ooy3IL-krXQod9HRaSR_1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 257ms
84ms Ping
image/gif 2607:f8b0:4023:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lqmdyaom&ctx=0&met.9=1.174~2.19j
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:c0d::78 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dev.ataaofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 13:31:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWHm3a8YyBWQaYWDHMMyfw9VJJbK39BDRPgBI1-vX8gRQ-rQxr6Ie0E1ppq0gWBWWLZt6Yzc1C_226vxt87e-WuhArK3DGdTfxRxLgs_rAr63xwP3tc6Elr-SmiKPptaLeWISi6Sg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
48ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWHm3a8YyBWQaYWDHMMyfw9VJJbK39BDRPgBI1-vX8gRQ-rQxr6Ie0E1ppq0gWBWWLZt6Yzc1C_226vxt87e-WuhArK3DGdTfxRxLgs_rAr63xwP3tc6Elr-SmiKPptaLeWISi6Sg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IGlIN2tb3jgH4x3KoocJ0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-IGlIN2tb3jgH4x3KoocJ0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dev.ataaofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
46ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXun1FXPxqdFCLvc4WhKyYCA20iAe-coq192-4glLFJt2WosfiABE6fWDtf1Kyx0CINs5xH6lDCueqXnu7e8XKb7w_XgR-1el7O8Y9WVhTmg2f-0m1fZChipU_UrfUSVFRGkGoNaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Xtfx_sP9_u1BO1mgCFk0Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev.ataaofsoru.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 13:31:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Xtfx_sP9_u1BO1mgCFk0Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dev.ataaofsoru.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ataaofsoru.com/	1970-01-21 02:49:17	Name: _ga_9XD9JRYZTL Value: GS1.1.1703597474.1.0.1703597474.0.0.0
.ataaofsoru.com/	1970-01-21 02:49:17	Name: _ga Value: GA1.1.259399495.1703597475
.ataaofsoru.com/	1970-01-21 02:34:53	Name: __gads Value: ID=d9877629dd51566b:T=1703597474:RT=1703597474:S=ALNI_MZW7KdDBOdg2EGlnHNCE8Ru8mvNug
.ataaofsoru.com/	1970-01-21 02:34:53	Name: __gpi Value: UID=00000a04d97258df:T=1703597474:RT=1703597474:S=ALNI_Ma9fg1OOvS4ixS39AgxJ9mrrDipfw
.doubleclick.net/	1970-01-21 02:49:17	Name: IDE Value: AHWqTUnsiJcLWCizaqLaagYzqzPP1hYvX9gsfJVzL1JOK2JIRcI3GO7b-ouPfyy5YLU
.ataaofsoru.com/	1970-01-21 01:58:53	Name: FCNEC Value: %5B%5B%22AKsRol8lWwyR4oeZcB_xgVDdp2zVE2U21HbgcJGR8eTWyuqUMkT44-NUzrXZCACTzN0oL6fMlJkeiDiE_TKtNFuGmPfqY-4gNozlaAgyMVgCmznGdU5mSC4AMiii41zmeJ65y_HT7Ak5Pi6aJrfKhYAW7cv3pQTo3g%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aofsoru.com
c5f0975f9f36dfd6937249b34b970d3e.safeframe.googlesyndication.com
csi.gstatic.com
dev.ataaofsoru.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:3031::ac43:d53a
2606:4700:3032::6815:2ebb
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::200e
2607:f8b0:4023:c0d::78
05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e
062719b100219061c8a11fff201d9a98f3794ab45bddf1c1f2d16c9ea440c279
08ab8210682d32f7c25d6b21c1c6cf185f6e8966f8850503909ac9a3a0abecd7
09d843f7f903adb7196d9ac541adf8099e0bed0d90e7d511de1563ec68a4fa32
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1ad5d234189d1a8f7ecf49b71fd25d9a65b7c150ba4d294e75b08691c907edde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3075a75fefa88b4268e5ef16ae51b4c0e979ffd4de9912cb70e12a026ff452b9
32773d1b80fd92a00f7ea30fd5ef4dc7f029aeebfce57ac27c4dc1016bf73211
3f5d0246195d2860e46b1030711594edc0e0a962b073fc67f1b5fbebca776822
42e72004028d33828a3c91ea4df1fc7be24e3751bf8263cfaad32605bfb01e97
4424cc3d676d9566b79f746baf5ed181e871ae7b29cfedf4248ed10f48268ab2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
5406a60a13fe9af573847f27c3a65049c2eddcac785bbdb66d44b04e5869ce4f
557cade6d5edde8d54fe61469fcbe512b72bd4a2d73566267194af16c5a9a73e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58099cb8326807269097d81f5303dd7c0d912236ec0fa24963a0c05b4a30191b
5ef64a53094cc06f1525bd5672f44146e4f4c317fc00f9771850b1bb8a9d4b33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
6e3322ddc8988c722310c4e35018f3afb5c1de23d286188a45b3d4c10e40c811
7928369a406440002cb4b79ce79e2374bb580a6f189a16db2e400cdfa80e3130
7ecf9f47ed28e5bf3bbb4a9b466df38bd96cfeffa89c976c3fde985497eb823f
825ef229f2348e06e79d8ac3ac4d428208e744f3dd642bbef9172f2ca588a070
86a3115c4b1dcf8824e068ee336cbc6f384740409ea30812393c31f105db2da0
8b4fd31174f873dce8e3fb42437b2f13304c6ac5fbbaba96293c223ff709256f
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
9f6885f85d2c4c63e6c1fae02be673e894f5599f6da1246f26c1e77aae41052f
a976e7e2463b37a0b6be14b92772dd18646e1b49b2550edcfdc846093b728cc1
ad5c63674dc81c2537a605ee33ef7eac98ae419af3795b7cdc32cb03d637e63c
cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5165216efea4962063c2bce871b276969ea2c773fdc6149d951223448bc8180
f0e3e3a5fb62f46f8e4638b3e920617fef80bac562eda4e2d15a68464cd15178
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

dev.ataaofsoru.com Open in urlscan Pro 2606:4700:3032::6815:2ebb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

100 %IPv6

8 Domains

13 Subdomains

13 IPs

1 Countries

839 kBTransfer

2371 kBSize

6 Cookies

12 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dev.ataaofsoru.com Open in urlscan Pro
2606:4700:3032::6815:2ebb Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

13
Subdomains

13
IPs

1
Countries

839 kB
Transfer

2371 kB
Size

6
Cookies

51 HTTP transactions
0 data transactions