Submitted URL: http://www.unknownproxy.com/
Effective URL: https://www.unknownproxy.com/
Submission: On October 16 via api from CA — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 149.56.254.138, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.unknownproxy.com.
TLS certificate: Issued by R10 on August 17th 2024. Valid for: 3 months.
This is the only time www.unknownproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 149.56.254.138 16276 (OVH)
6 172.67.150.201 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
4 142.250.65.226 15169 (GOOGLE)
1 23.62.11.205 16625 (AKAMAI-AS)
2 142.250.64.72 15169 (GOOGLE)
9 142.251.40.130 15169 (GOOGLE)
12 142.251.40.174 15169 (GOOGLE)
36 8
Apex Domain
Subdomains
Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
73 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
6 serveuk7.com
www.serveuk7.com
15 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
276 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 927
18 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 4785
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
29 KB
1 unknownproxy.com
www.unknownproxy.com
5 KB
36 8
Domain Requested by
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 www.serveuk7.com www.unknownproxy.com
www.serveuk7.com
4 pagead2.googlesyndication.com www.unknownproxy.com
pagead2.googlesyndication.com
2 ssl.google-analytics.com www.unknownproxy.com
1 s7.addthis.com www.unknownproxy.com
1 code.jquery.com www.unknownproxy.com
1 www.unknownproxy.com
36 8

This site contains links to these domains. Also see Links.

Domain
www.4everproxy.com
m.4everproxy.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
*.4everproxy.com
R10
2024-08-17 -
2024-11-15
3 months crt.sh
serveuk7.com
WE1
2024-08-24 -
2024-11-22
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.g.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-09 -
2024-12-11
a year crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.unknownproxy.com/
Frame ID: B3AA3083BF6606049AB608CB1EA0D851
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 05FAE144350002117126773A62B45988
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1729060819&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819754&bpp=4&bdt=383&idt=154&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2153689243407&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: 2F08E1DDB10BFCC120DAD78B531EF451
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1729060819&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819758&bpp=1&bdt=387&idt=203&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=212
Frame ID: 9D50863A2F8D30DCF91E7A651812A5E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&abgtt=9&lmt=1729060819&format=728x90&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819759&bpp=1&bdt=388&idt=219&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=222
Frame ID: A58D567D3258DC88AC7E1BB66033261E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&abgtt=9&lmt=1729060822&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x810_l%7C356x810_r&format=0x0&url=https%3A%2F%2Fwww.unknownproxy.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060822719&bpp=5&bdt=3348&idt=5&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50939d172d78bc22%3AT%3D1729060820%3ART%3D1729060820%3AS%3DALNI_MaOcvZrlcpX_Cg3zL3D6w1n3zi6iw&gpic=UID%3D00000f2a12a7b9a5%3AT%3D1729060820%3ART%3D1729060820%3AS%3DALNI_MbSrYJB2aLSyTwpaKbfnNtVNukuJg&eo_id_str=ID%3Daf9dd1126f96f895%3AT%3D1729060820%3ART%3D1729060820%3AS%3DAA-AfjZbRuvSDsJfdk4mTBW3AayK&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&psts=AOrYGskAExUUeAtgEHoI3Sn7bnqQhw0qciYztetE-7rsM-WEhe5UdBR1DfTC2UsZbaieAsoyp1ba5X_222TK5-sjrA4SwaqP%2CAOrYGsnCQK_GCU2Y7znaKwkCTdw2DNcXGTyfEHTZn8gt2UD3B4dDuz9nbHTUJqi00xYok8HUDzcP2bqXLSR06-BqFPYO1A%2CAOrYGsk56F0F3XFPtc_fmzpGLvfzHSC357jOylcg6kV_-LOvZXUced9SmC_3g8JZBnte4vlEyH4fiHhJxsL_Ns_cv6GwUV1n&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fsapi=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=15
Frame ID: E3C29CE3B301892366BF41416F6D8833
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: B3557C28C380E2C18D0F1374B2B994B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 44EA9567F64ECA765BB926ED99555F9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: C0F00B1F0CCDBD88700F081F4DC9BEE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 9ADC9C93D7D6A943528EE51C6EDC7FE5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Unknown Proxy: Change your IP Address

Page URL History Show full URLs

  1. http://www.unknownproxy.com/ HTTP 307
    https://www.unknownproxy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

416 kB
Transfer

1203 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.unknownproxy.com/ HTTP 307
    https://www.unknownproxy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.unknownproxy.com/
Redirect Chain
  • http://www.unknownproxy.com/
  • https://www.unknownproxy.com/
24 KB
5 KB
Document
General
Full URL
https://www.unknownproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.56.254.138 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca-149.56.254.138.ipv4.uk7.org
Software
Apache / PHP/7.2.24
Resource Hash
d0daa88347c5d0ef1507a8d1531cd3ad125b45bb20d3b7a7c0bf8826a0f73d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate no-cache
Connection
keep-alive, Keep-Alive
Content-Encoding
gzip
Content-Length
4457
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Oct 2024 06:40:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=1, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.24

Redirect headers

Location
https://www.unknownproxy.com/
Non-Authoritative-Reason
HttpsUpgrades
4e66f7183e413fffe85fdd81e3309c6f.css
www.serveuk7.com/public/cache/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57d804f0e3304a48b3100e06d1c932ed4832f7f69ee01c2f8b4970553aaa48d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"240e-5f9849364b7f0"
age
2150
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FQ2EI56r%2BWTzOwrgLnhtQlFcXAxH3mGW5TWKFJxnkFafcPKX6rnwxmgm7wMRo3c1wzlmPi9de3pEp%2F4SFVYthlwCD%2FuZ1TiYh99d%2BNJit6%2BVzA4pOTBN4CsG652oJkYUbt%2F"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=9230
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
text/css
last-modified
Mon, 17 Apr 2023 09:11:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e898cd5ab9c-YYZ
access-control-allow-origin
*
server
cloudflare
jquery-2.1.4.min.js
code.jquery.com/
82 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.1.4.min.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14979"
age
5180421
x-cache
HIT, HIT
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
34121, 23606
x-served-by
cache-lga21971-LGA, cache-yyz4540-YYZ
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729060819.444632,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29519
server
nginx
55137343e0b1d13f5684f69d24969ded.js
www.serveuk7.com/public/cache/
793 B
976 B
Script
General
Full URL
https://www.serveuk7.com/public/cache/55137343e0b1d13f5684f69d24969ded.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"319-5f9842a1fa52f"
age
2150
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ELLz870SL32lQTUyeEiX7ta0E88T2LOAJW9Dpfgs9%2FpWg7v244ZWO7Kdx%2B33k1u%2F6E%2BvW78rt2eMxCvLIIJY7m8hIlHxDrDfwHCakiicciWPbK5Cva00Vr6yQiA4MrMYll0"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
application/javascript
last-modified
Mon, 17 Apr 2023 08:42:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e898cd6ab9c-YYZ
server
cloudflare
logo.png
www.serveuk7.com/themes/unknownproxy_com/@img/
6 KB
7 KB
Image
General
Full URL
https://www.serveuk7.com/themes/unknownproxy_com/@img/logo.png
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3074b84f0ce98d30742403765cc4e46dea2cf376f86bbf4d96defe99bb862bea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cf-cache-status
MISS
etag
"189e-5f975738f72d6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDCT8yW0scuE4dj%2FH6wgtzsHZVkzy9zaOl7M1YI3mQJO65FxOGknPOIIEeZVR5JQLNcQV6omn2OXkZ%2ByVo7AEJkT4nTmJD5%2Fl5315A0wWsrptYL4%2B3m43Lo7C4%2Bh9v0kXKpP"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e898cd4ab9c-YYZ
accept-ranges
bytes
content-length
6302
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
5c0c33fda159c5163b1070b3a94ebf9ea3ac5a3110f8be6dcad06d7572422c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
2924794528490850071
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 06:40:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52527
x-xss-protection
0
server
cafe
sslOn.png
www.serveuk7.com/themes/default/@img/
1 KB
2 KB
Image
General
Full URL
https://www.serveuk7.com/themes/default/@img/sslOn.png
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cf-cache-status
HIT
etag
"4af-5f97572900521"
age
2150
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYk8dQ2t8kgTx0xFiytRLOj3vP7KOKuxO4335xjT6RtpGFGrrdAKUnzYBuV%2Bp983t5HFI0lpdH3m50izyYyn%2FuRVhfnsGEy%2B5gpMvlONtjpn3H5CUPrdtSCtJMpbSUbFHw48"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e898cd2ab9c-YYZ
accept-ranges
bytes
content-length
1199
server
cloudflare
addthis_widget.js
s7.addthis.com/js/300/
0
0
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.11.205 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-11-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 16 Oct 2024 06:40:22 GMT
Content-Length
27
Date
Wed, 16 Oct 2024 06:40:22 GMT
AK-GRN
0.c724c317.1729060822.d7314cf
Content-Type
text/html
normalize.css
www.serveuk7.com/themes/default/@css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.serveuk7.com/themes/default/@css/normalize.css
Requested by
Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9e0e56a1b2cc8a413f93ec8723edce26be86a34254efddf249d644c39c9b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"10cc-5f97572803e1f"
age
2150
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOyjiHbvIzlZeEgeCUPKcAjNOfW30bldxhZiBW6SQzGWydSqnFczqAIjV848t2133665QJH7brV0Xm%2FlNofwxrz7EI0K8RrieczcvgZaR30Bu56Ov6hk8jHYT1JJcTdJSE8P"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=4300
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
text/css
last-modified
Sun, 16 Apr 2023 15:08:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e89cd0bab9c-YYZ
access-control-allow-origin
*
server
cloudflare
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
age
5595
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 07:07:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 05:07:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17168
server
Golfe2
submit.png
www.serveuk7.com/themes/default/@img/
1 KB
2 KB
Image
General
Full URL
https://www.serveuk7.com/themes/default/@img/submit.png
Requested by
Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Response headers

cf-cache-status
HIT
etag
"4b7-5f97572ad35ae"
age
2150
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYlXnLquNYINHupe76QaTQSkCFuXVCFJSckUdmfwcXld8vTHRxh2wdOpQjRNeZLaVdA1ygnVYZ7m0NDkM5d0oWX5XAej1BnDIFXNqQEJtOnFZsZ%2BNJ%2BQwa%2Bo%2F0F2YB8nFXsx"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
image/png
last-modified
Sun, 16 Apr 2023 15:08:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d360e8a2d33ab9c-YYZ
accept-ranges
bytes
content-length
1207
server
cloudflare
__utm.gif
ssl.google-analytics.com/r/
35 B
410 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2114185373&utmhn=www.unknownproxy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-ca&utmje=0&utmfl=-&utmdt=Unknown%20Proxy%3A%20Change%20your%20IP%20Address&utmhid=1042736379&utmr=-&utmp=%2F&utmht=1729060819686&utmac=UA-29423781-1&utmcc=__utma%3D259337678.859143920.1729060820.1729060820.1729060820.1%3B%2B__utmz%3D259337678.1729060820.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=247840537&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.unknownproxy.com
URL: https://www.unknownproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/
421 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
b93b4001b605115857887db3ff32d98e81c11a70d6528512e19cd3685297d781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
1984914530360987992
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 06:40:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 16 Oct 2024 06:40:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
143785
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 05FA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
4120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 05:31:40 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 05:31:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2F08
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1729060819&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819754&bpp=4&bdt=383&idt=154&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2153689243407&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45625
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 06:40:20 GMT
expires
Wed, 16 Oct 2024 06:40:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D50
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&abgtt=9&lmt=1729060819&format=336x280&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819758&bpp=1&bdt=387&idt=203&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
51419
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 06:40:20 GMT
expires
Wed, 16 Oct 2024 06:40:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A58D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&abgtt=9&lmt=1729060819&format=728x90&url=https%3A%2F%2Fwww.unknownproxy.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060819759&bpp=1&bdt=388&idt=219&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=336x280%2C336x280&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fc=640&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46651
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 06:40:20 GMT
expires
Wed, 16 Oct 2024 06:40:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E3C2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&abgtt=9&lmt=1729060822&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x810_l%7C356x810_r&format=0x0&url=https%3A%2F%2Fwww.unknownproxy.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729060822719&bpp=5&bdt=3348&idt=5&shv=r20241014&mjsv=m202410100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50939d172d78bc22%3AT%3D1729060820%3ART%3D1729060820%3AS%3DALNI_MaOcvZrlcpX_Cg3zL3D6w1n3zi6iw&gpic=UID%3D00000f2a12a7b9a5%3AT%3D1729060820%3ART%3D1729060820%3AS%3DALNI_MbSrYJB2aLSyTwpaKbfnNtVNukuJg&eo_id_str=ID%3Daf9dd1126f96f895%3AT%3D1729060820%3ART%3D1729060820%3AS%3DAA-AfjZbRuvSDsJfdk4mTBW3AayK&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=2153689243407&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C31087804%2C31087890%2C31087986%2C42532524%2C95344190&oid=2&psts=AOrYGskAExUUeAtgEHoI3Sn7bnqQhw0qciYztetE-7rsM-WEhe5UdBR1DfTC2UsZbaieAsoyp1ba5X_222TK5-sjrA4SwaqP%2CAOrYGsnCQK_GCU2Y7znaKwkCTdw2DNcXGTyfEHTZn8gt2UD3B4dDuz9nbHTUJqi00xYok8HUDzcP2bqXLSR06-BqFPYO1A%2CAOrYGsk56F0F3XFPtc_fmzpGLvfzHSC357jOylcg6kV_-LOvZXUced9SmC_3g8JZBnte4vlEyH4fiHhJxsL_Ns_cv6GwUV1n&pvsid=2139255853386991&tmod=1722787261&uas=0&nvt=1&fsapi=1&fc=896&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
137063
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 06:40:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/
172 KB
58 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
4529d2511d03300c82e27bb68d9034853acbe0986bbc1de4ee07a2d22022d14f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
8957410474111239312
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 06:40:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 16 Oct 2024 06:40:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
59097
x-xss-protection
0
server
cafe
ca-pub-1206893953118841
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1206893953118841?href=https%3A%2F%2Fwww.unknownproxy.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
d7f92df825b5a93b2add5a3548b19df0c32910ee5f2c68eb09315c5e5d5d96dc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GvhAmgFSyJv4wYGujoqofw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NSQYjh56zbTRSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1hYgvt10hfUxEAvxcFzfv3cHm8CN_r3PmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfQMTOILDADWqFAA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GvhAmgFSyJv4wYGujoqofw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LxjP0OTZadc9dYgy4L1KVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsIUDsrnWR1R-Iv-65xPoXiPd-vMR6FIiFeDiu79-7g03gxY1tN5mVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgaGJnoF5fIEBAA1rMBc"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LxjP0OTZadc9dYgy4L1KVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXn_cSBm0E8xQstU7LTHxGOsPRtsCO_FabxbP39LS-O5TL9uclx58EtRwZ2zFgna5DXoXDzBAIuRdpY719L5Woc-hMa0SDmQCmg2gXZ7aJWHETPtOjwX2g65NaSi6hJs_q-Xd-UDA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXn_cSBm0E8xQstU7LTHxGOsPRtsCO_FabxbP39LS-O5TL9uclx58EtRwZ2zFgna5DXoXDzBAIuRdpY719L5Woc-hMa0SDmQCmg2gXZ7aJWHETPtOjwX2g65NaSi6hJs_q-Xd-UDA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDYwODIzLDg5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudW5rbm93bnByb3h5LmNvbS8iLG51bGwsW1s4LCJaTHBkUFZpaEt0RSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
ceed4143a6082ff50e1b63a6a112ad167ccbb0795b5a420b0c9744c4a43a8cd2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h2wc-QKh8aXgu_tvQWpIew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XBc3793B5vAi6kHDzIraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJroGZjEFxgAAFwKSuM"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h2wc-QKh8aXgu_tvQWpIew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame B355
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
4120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 05:31:40 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 05:31:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 44EA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
4120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 05:31:40 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 05:31:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame C0F0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
4120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 05:31:40 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 05:31:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 9ADC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unknownproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
4120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 05:31:40 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 05:31:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVjeRA0ESSBqd7SPTjiq2vgQgFYlZMIUQqjj-K1VdJ_daJcjIaSpWOClnG5n3N6Q6aqBq9zT0AeP80mEL67YyER7NbVinx-2hgu4_Z-KL33EULpZNmWa-yPvWmiDn7pNX5K3TYHDg==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVjeRA0ESSBqd7SPTjiq2vgQgFYlZMIUQqjj-K1VdJ_daJcjIaSpWOClnG5n3N6Q6aqBq9zT0AeP80mEL67YyER7NbVinx-2hgu4_Z-KL33EULpZNmWa-yPvWmiDn7pNX5K3TYHDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDYwODI0LDE4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly93d3cudW5rbm93bnByb3h5LmNvbS8iLG51bGwsW1s4LCJaTHBkUFZpaEt0RSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
26c1acf304a3d070d852d59e3cf0345a4bb919e354be20bcc15e0ca5c7408e6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QQEhF-zNhIUUiLFqu-x98w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRALcXPc2L93B5vAiTMHVJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfQMTOILDAALLUpe"
content-security-policy
script-src 'report-sample' 'nonce-QQEhF-zNhIUUiLFqu-x98w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
imp
fundingchoicesmessages.google.com/f/AGSKWxUn3WcnlSUOvlyJE0-8SDFHk7DKOXz_PeCooq2nrTEWrbZLjOF163yLWeDoiPfG9EAfg2wUkS9lgoYr_dvXnevrpow3O1O90Qn5xOd8lyUp2xl0vGSmL0VfyKzJfH8VlepPUB_RjyfU4ppKdXnjTAXdxJzhl...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUn3WcnlSUOvlyJE0-8SDFHk7DKOXz_PeCooq2nrTEWrbZLjOF163yLWeDoiPfG9EAfg2wUkS9lgoYr_dvXnevrpow3O1O90Qn5xOd8lyUp2xl0vGSmL0VfyKzJfH8VlepPUB_RjyfU4ppKdXnjTAXdxJzhlSPLJzclpftgT6gReLjEMNzaGIBkMhQz/_/imp?slot=/newtopmsgad./ad_head_/adshow_/assets/ads_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwkS_3mAi7f8mEi1C0TCXXBMVFQQw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
73f68133a88b283f056f6532d128319113675932608732a7e57ed0514e24a3d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d4ZOuZBXiJiA4OLGToo-gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XDc2L93B5vAgss9ncxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGhiZ6BibxBQYARIpKaQ"
content-security-policy
script-src 'report-sample' 'nonce-d4ZOuZBXiJiA4OLGToo-gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwkS_3mAi7f8mEi1C0TCXXBMVFQQw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
c925dcece063e452d7e8788f413dffe90f60e5a66b9e0ada72e03a801934d7a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
br
etag
9678319810274944302
age
739
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 07:28:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 16 Oct 2024 06:28:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26657
x-xss-protection
0
server
cafe
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zwx0a0MxRaLWAQ_6yHEJKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBBac2d3BrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfQMzOMLDADe0i92"
content-security-policy
script-src 'report-sample' 'nonce-Zwx0a0MxRaLWAQ_6yHEJKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HiJcohH8_gXGTRVYzaEMxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBD5cOz2fWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAACWUwAg"
content-security-policy
script-src 'report-sample' 'nonce-HiJcohH8_gXGTRVYzaEMxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Ck0p6DAj2O6U8FrchZEBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBDZs_L2CWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAA92wvzA"
content-security-policy
script-src 'report-sample' 'nonce-2Ck0p6DAj2O6U8FrchZEBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-75byVYZwfB-hwKrOlnLJ-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBF4sb17FrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfQMzOMLDADksC-H"
content-security-policy
script-src 'report-sample' 'nonce-75byVYZwfB-hwKrOlnLJ-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXbpZUMJU2l3zROn1PvVRuZuPAGMUmXqTALSVjTPFFwraKELswaAypa5F9QSvcCrMV8-1c3RG2LUkqux7Q6TNlqo6IQ0N0wZg8f_QyXNIG-eGDYCSNccbXwj5mlL55dQRmrq_Y_VA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXbpZUMJU2l3zROn1PvVRuZuPAGMUmXqTALSVjTPFFwraKELswaAypa5F9QSvcCrMV8-1c3RG2LUkqux7Q6TNlqo6IQ0N0wZg8f_QyXNIG-eGDYCSNccbXwj5mlL55dQRmrq_Y_VA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MDYwODI0LDg2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudW5rbm93bnByb3h5LmNvbS8iLG51bGwsW1s4LCJaTHBkUFZpaEt0RSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
4d1febd6a30ccf28b4f927db7bc1cbbc2a5b50ccc6eefd221058c5c2d49836a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aE07wrD-fkDaDFK_LYXzNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.unknownproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XDc2L93B5tAw4NN65mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDE30DEziCwwAVkZKrg"
content-security-policy
script-src 'report-sample' 'nonce-aE07wrD-fkDaDFK_LYXzNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXV5qQDnmvOCWG4jbP_UEJysnk_4duuexOyJPWVOKoMk-w9R6Hn3zhIwUFlxlJCGJ7UrBKolsTuaSK2JFTiFjzxnhwOSV4uXWbZVdA-ZJSmk_VYeS9HP9o4vBmPNqNKmNj4M0N1-w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXV5qQDnmvOCWG4jbP_UEJysnk_4duuexOyJPWVOKoMk-w9R6Hn3zhIwUFlxlJCGJ7UrBKolsTuaSK2JFTiFjzxnhwOSV4uXWbZVdA-ZJSmk_VYeS9HP9o4vBmPNqNKmNj4M0N1-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DIFJ9shoPRJVPGovaEFcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBDr-L73ArOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfQMzOMLDAD4Qi_L"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DIFJ9shoPRJVPGovaEFcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVYGY8L8bZA7tdmA5HbsFOy9om_D0qu6P8LSR-T_Y-C78EooberZneztLFPHvsHUQrp1u3ecyZPW8yox9DV-WXxbACO42M6DTy38Ht7HPIWp-wZvzktE2vee2aKHe52Hsfbc2Zbgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZLpdPVihKtE.es5.O/am=DAY/d=1/rs=AJlcJMxKpQACZ1ekYXMZ1DTPDDYPvOri6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2_UkIKaVrnnLYygfqX8zNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.unknownproxy.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:40:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48b-vTvYBGacvHKeWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmugZmMcXGAAA_b0v2g"
content-security-policy
script-src 'report-sample' 'nonce-2_UkIKaVrnnLYygfqX8zNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.unknownproxy.com
content-length
0
x-xss-protection
0
server
ESF

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| $ function| jQuery function| fixInputPlaceholders function| base64_decode object| _gaq object| adsbygoogle object| saved_servers object| _gat object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_ama_state number| google_rum_task_id_counter object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjFlNTExMjhmMmNiMmY2OGxvYWRlcl9qcw== string| MjFlNTExMjhmMmNiMmY2OGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| _google_rum_ns_ boolean| ef807e34-afa6-4f5a-81d1-226bec1ba64f

24 Cookies

Domain/Path Name / Value
.unknownproxy.com/ Name: 4everproxy
Value: 2pfui8aogb7r8b2h08obis2nvr
.unknownproxy.com/ Name: __utma
Value: 259337678.859143920.1729060820.1729060820.1729060820.1
.unknownproxy.com/ Name: __utmc
Value: 259337678
.unknownproxy.com/ Name: __utmz
Value: 259337678.1729060820.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.unknownproxy.com/ Name: __utmt
Value: 1
.unknownproxy.com/ Name: __utmb
Value: 259337678.1.10.1729060820
.doubleclick.net/ Name: IDE
Value: AHWqTUmz5cFRQ1hJGBY7A2uegw9aEDj10zH0sWqLflNSQxoTOrKyDYR0tP9z-kuP6ZQ
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 3823
.casalemedia.com/ Name: CMID
Value: Zw9f1NHM6rkAAE63AC3xUAAA
.casalemedia.com/ Name: CMPRO
Value: 3823
.googleadservices.com/ Name: ar_debug
Value: 1
.unknownproxy.com/ Name: __gads
Value: ID=50939d172d78bc22:T=1729060820:RT=1729060820:S=ALNI_MaOcvZrlcpX_Cg3zL3D6w1n3zi6iw
.unknownproxy.com/ Name: __gpi
Value: UID=00000f2a12a7b9a5:T=1729060820:RT=1729060820:S=ALNI_MbSrYJB2aLSyTwpaKbfnNtVNukuJg
.unknownproxy.com/ Name: __eoi
Value: ID=af9dd1126f96f895:T=1729060820:RT=1729060820:S=AA-AfjZbRuvSDsJfdk4mTBW3AayK
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.contextweb.com/ Name: V
Value: QUkqxuhbNzwI
.contextweb.com/ Name: VP
Value: part_QUkqxuhbNzwI
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1u81|7Bj.0.CAESECdhavN2lg8FMIwlV4dT7LM
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1u81|7Bj.0.CAESECdhavN2lg8FMIwlV4dT7LM
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e745c98fd7f8468e
.unknownproxy.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9Nak7LA13RPl-Bu-YsCmwAfa1peng0Y0Pof54hTT2uVnkd5wcfU-hSrx3cKCuY4AuDWJ1rjrUjny14hlLGiExOHPFRbT86t8WnQ55akcO5lpGRtElS6sKqJc2ILdpIBGUdqrIklRveI7X7Ze3LUFRXeQPreQ%3D%3D%22%5D%5D
.dotomi.com/ Name: DotomiTest
Value: e61f006f83e06f8

1 Console Messages

Source Level URL
Text
network error URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-53db0d241065de9a
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s7.addthis.com
ssl.google-analytics.com
www.serveuk7.com
www.unknownproxy.com
142.250.64.72
142.250.65.226
142.251.40.130
142.251.40.174
149.56.254.138
151.101.194.137
172.67.150.201
23.62.11.205
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c
26c1acf304a3d070d852d59e3cf0345a4bb919e354be20bcc15e0ca5c7408e6d
3074b84f0ce98d30742403765cc4e46dea2cf376f86bbf4d96defe99bb862bea
4529d2511d03300c82e27bb68d9034853acbe0986bbc1de4ee07a2d22022d14f
4d1febd6a30ccf28b4f927db7bc1cbbc2a5b50ccc6eefd221058c5c2d49836a1
57d804f0e3304a48b3100e06d1c932ed4832f7f69ee01c2f8b4970553aaa48d8
5c0c33fda159c5163b1070b3a94ebf9ea3ac5a3110f8be6dcad06d7572422c8f
73f68133a88b283f056f6532d128319113675932608732a7e57ed0514e24a3d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f9e0e56a1b2cc8a413f93ec8723edce26be86a34254efddf249d644c39c9b05
b93b4001b605115857887db3ff32d98e81c11a70d6528512e19cd3685297d781
c925dcece063e452d7e8788f413dffe90f60e5a66b9e0ada72e03a801934d7a4
cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f
ceed4143a6082ff50e1b63a6a112ad167ccbb0795b5a420b0c9744c4a43a8cd2
d0daa88347c5d0ef1507a8d1531cd3ad125b45bb20d3b7a7c0bf8826a0f73d37
d7f92df825b5a93b2add5a3548b19df0c32910ee5f2c68eb09315c5e5d5d96dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d