attybin.us Open in urlscan Pro
2606:4700:3030::ac43:c151 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://attybin.us/
Submission: On September 25 via api (September 25th 2024, 6:33:06 am UTC) from BE — Scanned from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3030::ac43:c151, located in United States and belongs to CLOUDFLARENET, US. The main domain is attybin.us.
TLS certificate: Issued by WE1 on September 10th 2024. Valid for: 3 months.

This is the only time attybin.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3030::ac43:c151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
38	8

5 2606:4700:3030::ac43:c151 (United States)

ASN13335 (CLOUDFLARENET, US)

attybin.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 697	83 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com Failed	335 KB
5	attybin.us attybin.us	41 KB
3	gstatic.com fonts.gstatic.com	46 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	104 KB
38	7

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	attybin.us pagead2.googlesyndication.com
5	attybin.us	attybin.us
3	fonts.gstatic.com	attybin.us
2	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	attybin.us
0	tpc.googlesyndication.com Failed	pagead2.googlesyndication.com
38	8

This site contains no links.

Subject Issuer	Validity	Valid
attybin.us WE1	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://attybin.us/
Frame ID: 81885F0E94D9655A155ADE7AF40D3F6E
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html
Frame ID: C1233E3E50A5E0108A885835F5CEE73C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1423319426886869&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721591478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fattybin.us%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727245982371&bpp=19&bdt=241&idt=261&shv=r20240923&mjsv=m202409190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2196477620487&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95341936%2C95342766%2C31087413&oid=2&pvsid=2010963080504879&tmod=1619026993&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: D23F57A76C325E67BF7B0E70136C9B33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1423319426886869&output=html&h=280&slotname=2043322713&adk=2167920348&adf=1795251393&pi=t.ma~as.2043322713&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721591478&rafmt=1&format=1200x280&url=https%3A%2F%2Fattybin.us%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727245982390&bpp=4&bdt=260&idt=299&shv=r20240923&mjsv=m202409190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2196477620487&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95341936%2C95342766%2C31087413&oid=2&pvsid=2010963080504879&tmod=1619026993&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308
Frame ID: 0E552D1B9A2D425077D0D4225CCC4CD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html
Frame ID: B31D0E91AE37C130EB238E7542B26941
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html
Frame ID: 068848269454CB97EF8D73F3C873487D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html
Frame ID: 362BFBB4155314116C60FE9EB0C651FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AttyBin | Your Comprehensive US Attorney Directory

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

38
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

610 kB
Transfer

1712 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
attybin.us/ 118 KB
35 KB 153ms
55ms Document
text/html 2606:4700:3030::ac43:c151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bcaaaa0e0da9f6a4ee30c77489057e38b10573fddd2e227c2a9ea718e65880f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=-1141367296
cf-cache-status: DYNAMIC
cf-ray: 8c88fafc08d78c60-EWR
content-encoding: br
content-type: text/html
date: Wed, 25 Sep 2024 06:33:02 GMT
expires: Tue, 26 Jul 1988 00:04:46 GMT
last-modified: Sun, 21 Jul 2024 19:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwjti1wGz4dSWYsxRSQ4VcIZAEpPRjUPK0Ygwz%2FQrl13kZtWh6c1jv%2F4Mt9%2BPC5bmPQSTD%2FISYCWVH1q5sIaDdlohaqBJBZ9QZO3IPJLW%2Ft4wnS78Ot60rxqe83BBHHSkOxEvAFIAyG5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 172ms
60ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1423319426886869

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9cf3e89dbf4c881d6846d97aedd20c6a259737452c1bcf17571262a71c1c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://attybin.us
Referer: https://attybin.us/

Response headers

content-encoding: br
etag: 10411469412129959678
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 06:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 25 Sep 2024 06:33:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52677
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 174ms
62ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4BLNRSC20J

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eaf7686cb8c89044dc75e63477f8bbde8d99745b8527c20b4e219a3c4f3b8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 25 Sep 2024 06:33:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106341
date: Wed, 25 Sep 2024 06:33:02 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 email-decode.min.js Show response
attybin.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:3030::ac43:c151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://attybin.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"66e7fb1c-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5q3W%2BQkKpPA5pe5PL5%2BD9D4Y6ea17%2Fe%2BAdzb%2FtHf74vvpV2DjGP5YLcoR0wllnUwgPNlbl6d%2BpmJtj2TCw0MKLlr764WQ6xCAR6IRvKueVpfSbHElhBMciqHBJFsZJqYPPQ%2FoJyBw%2Bc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c88fafda9e38c60-EWR
expires: Fri, 27 Sep 2024 06:33:02 GMT
date: Wed, 25 Sep 2024 06:33:02 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 09:32:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/ 410 KB
137 KB 165ms
73ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1423319426886869

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef7b4e928add077ac24b98668efe8f104904c2c5d767b83e73c25816089cd40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
etag: 1323371102069620887
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 06:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 25 Sep 2024 06:33:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 140734
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 199ms
91ms Fetch
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4BLNRSC20J&gtm=45je49n0v9179888924za200&_p=1727245982161&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1940668083.1727245982&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727245982&sct=1&seg=0&dl=https%3A%2F%2Fattybin.us%2F&dt=AttyBin%20%7C%20Your%20Comprehensive%20US%20Attorney%20Directory&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=520
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4BLNRSC20J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://attybin.us
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 06:33:02 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/ Frame C123 0
0 115ms
24ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:22:11 GMT
etag: 13108003645644964576
expires: Wed, 09 Oct 2024 06:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D23F 0
0 571ms
509ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1423319426886869&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721591478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fattybin.us%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727245982371&bpp=19&bdt=241&idt=261&shv=r20240923&mjsv=m202409190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2196477620487&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95341936%2C95342766%2C31087413&oid=2&pvsid=2010963080504879&tmod=1619026993&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45756
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:33:03 GMT
expires: Wed, 25 Sep 2024 06:33:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0E55 0
0 514ms
481ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1423319426886869&output=html&h=280&slotname=2043322713&adk=2167920348&adf=1795251393&pi=t.ma~as.2043322713&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721591478&rafmt=1&format=1200x280&url=https%3A%2F%2Fattybin.us%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727245982390&bpp=4&bdt=260&idt=299&shv=r20240923&mjsv=m202409190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2196477620487&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C95341936%2C95342766%2C31087413&oid=2&pvsid=2010963080504879&tmod=1619026993&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:33:03 GMT
expires: Wed, 25 Sep 2024 06:33:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/ 172 KB
58 KB 104ms
104ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/reactive_library_fy2021.js?bust=31087413

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d87c0597d40792dbe9334d9116bf70a7e35b8c342b7fd70d86b36ee0a61ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
etag: 5926809558294252488
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 06:33:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 25 Sep 2024 06:33:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 59214
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-1423319426886869 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 230ms
78ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1423319426886869?href=https%3A%2F%2Fattybin.us&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc52eefebc5aaaf43f07a164ecc03669a834f4ed91e09f099609197243d816ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Wrk-4wr18jGhvi9MdNHX1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQ-3hdYQ0BYiEejvl3z21nE9jw4slXRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA0sjYz0Do_gCAwBIr0oW"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Wrk-4wr18jGhvi9MdNHX1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C42531705%2C95341936%2C95342766%2C31087413&hl=en&pvc=2010963080504879

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 25 Sep 2024 06:33:03 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 563ms
125ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olC0sk21Jm0.es5.O/am=QDA/d=1/rs=AJlcJMyKLXW5UlkagFTFHtdvjHCi-cZd9w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zCtzD78TGlzKC1XjaJWSVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhbg5Ftw9t51N4Me2XzZKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0shYz8A8vsAAAHuMMy4"
content-security-policy: script-src 'report-sample' 'nonce-zCtzD78TGlzKC1XjaJWSVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVUfsNHo-71uDWaQdQIS4X-W-qi_bzhngnC3ec3Xc5OsdScRZ1Ti5leIOjZC2o8tsE7pWZ9VFj480550KG2Zxis5cpQViPMgMxGUQYLhWOW6kBgE-l9olBBQ1KwJfeTGHhHgnkQ8A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 71ms
69ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVUfsNHo-71uDWaQdQIS4X-W-qi_bzhngnC3ec3Xc5OsdScRZ1Ti5leIOjZC2o8tsE7pWZ9VFj480550KG2Zxis5cpQViPMgMxGUQYLhWOW6kBgE-l9olBBQ1KwJfeTGHhHgnkQ8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MjQ1OTgzLDcxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hdHR5YmluLnVzLyIsbnVsbCxbWzgsIm9sQzBzazIxSm0wIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

837e9bb566e19b80eafe945080ebf910084b443b9d62b7aad7dda4d21dd214c2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a_iDxgd6ORHs4hDu4t96fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQ-3hdYQ0BYiEejvl3z21nE-g4fuMJk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgaWRsZ6BUXyBAQA7QEm4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a_iDxgd6ORHs4hDu4t96fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/ Frame B31D 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:22:11 GMT
etag: 13108003645644964576
expires: Wed, 09 Oct 2024 06:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/ Frame 0688 0
0 8ms
8ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:22:11 GMT
etag: 13108003645644964576
expires: Wed, 09 Oct 2024 06:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/ Frame 362B 0
0 15ms
15ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240923/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://attybin.us/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Sep 2024 06:22:11 GMT
etag: 13108003645644964576
expires: Wed, 09 Oct 2024 06:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 53ms
47ms Fetch
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4BLNRSC20J&gtm=45je49n0v9179888924za200&_p=1727245982161&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1940668083.1727245982&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1727245982&sct=1&seg=0&dl=https%3A%2F%2Fattybin.us%2F&dt=AttyBin%20%7C%20Your%20Comprehensive%20US%20Attorney%20Directory&en=ad_impression&ep.query_id=CJGN-Nm83YgDFTQDaAgdcmgHkg&_et=911&tfd=2140
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4BLNRSC20J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://attybin.us
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 getbanandfile Show response
fundingchoicesmessages.google.com/f/AGSKWxXOBbvRyNkeMt3MA_DJGR3pOSHEAYvsZOyKYZ3t2GBxiAKCzduhT5HSiCc8g1jgtkaD8VQK-Px_9dmW_u0TQraNv4IuIZ-7ETmf5Dvww7zMS8m9U4PFuZ0K0ksKtTSizBU9-QRq5oeAdmJoI50zJhUe_a5id... 54 B
538 B 65ms
63ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXOBbvRyNkeMt3MA_DJGR3pOSHEAYvsZOyKYZ3t2GBxiAKCzduhT5HSiCc8g1jgtkaD8VQK-Px_9dmW_u0TQraNv4IuIZ-7ETmf5Dvww7zMS8m9U4PFuZ0K0ksKtTSizBU9-QRq5oeAdmJoI50zJhUe_a5iduOrFOpqlNTYb9ByV-9CBJoLe19FzAyE/_/ads-2./rsc_ad_/ad/getbanandfile?/bmndoubleclickad./content_ad_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.olC0sk21Jm0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy6kevWk_m1RjdyPa6Z1Uq4XnHPhg/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66f1eacf2c07fa53a6d21bfe798be649be633e677b425d2fa43359bfbb709fb4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rcntx-tdniI3wCankb3D8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJicNOQYjhx6zbTBSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUH4iURF1mPJF5kNVS4xOoMxI5Fl1g9gfj-ukusz4F478dLrEeBeOn9y6xrgbhI4gprCxD7eF1hDQFiIR6OBXfPbWcTuHDp_xNGJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDSyNjPQOj-AIDAMDMTzY"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rcntx-tdniI3wCankb3D8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 242 KB
76 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa640ef5c20d0740d250f30c61f0a42607f145300c5fa06a8e56bb40e6f5f3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
etag: 13273418748234425363
age: 911
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 07:17:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 25 Sep 2024 06:17:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 77320
x-xss-protection: 0
server: cafe

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
379 B 62ms
60ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sJsg8PQBNPlP4K9HxFP7EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51N4MOF3ieMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNLIWM_APL7AAACrCDN8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sJsg8PQBNPlP4K9HxFP7EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
379 B 76ms
75ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbV66pxXLBckhz6rYY-xmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51N4ML6r-1MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNLIWM_APL7AAACf5TNP"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbV66pxXLBckhz6rYY-xmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
378 B 64ms
63ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-quZNlnicW2t06sEzT2wy4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51N4MOag6uYlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgaWRsZ6BeXyBAQCd6zNQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-quZNlnicW2t06sEzT2wy4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
378 B 99ms
98ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mfd2vkxRiGhKAN0YmogTNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51NYMaVT6uZlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgaWRsZ6BeXyBAQCZ9DNK"
content-security-policy: script-src 'report-sample' 'nonce-Mfd2vkxRiGhKAN0YmogTNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVKXK7Yki3nlPMfFgX0bEOSNoGPdOa7hUXRs0VTnBCq6ogX-7juvld4WStBX2zL5w9cIoC0baQw3iqIfXqaRnPK3maGW7ACaRMS2YrXXTfyNo_maoR56b4czZe5RJsaQy9m8wJSCg== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 59ms
58ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVKXK7Yki3nlPMfFgX0bEOSNoGPdOa7hUXRs0VTnBCq6ogX-7juvld4WStBX2zL5w9cIoC0baQw3iqIfXqaRnPK3maGW7ACaRMS2YrXXTfyNo_maoR56b4czZe5RJsaQy9m8wJSCg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MjQ1OTg0LDU5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYXR0eWJpbi51cy8iLG51bGwsW1s4LCJvbEMwc2syMUptMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2aca87d60c8a5521edc60cf9ace4ee411e0555ed9c1ac10a92ae00357b16d5ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J7jt-nhd91opdNVGn1JrUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQ-3hdYQ0BYiEejgV3z21nE3hwau4qJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA0sjYz0Do_gCAwAsZEmO"
content-security-policy: script-src 'report-sample' 'nonce-J7jt-nhd91opdNVGn1JrUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
379 B 79ms
78ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XRVsiJHDs0pUSVOTibyXEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51N4MetBReYlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgaWRsZ6BeXyBAQCrVjOE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XRVsiJHDs0pUSVOTibyXEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXFayYeWBeGsDvzjiPYYEJZQGNttURpj8Z8sb-8XdSieaIIcrbWY7NSYnQJyoWygCd-gcw69PFyES2SYWZLrATuRYTwXrIhoDg2u5frXHQ4FGiVJQayTBjc9eo6VkAQaUQryBTp-A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 79ms
78ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFayYeWBeGsDvzjiPYYEJZQGNttURpj8Z8sb-8XdSieaIIcrbWY7NSYnQJyoWygCd-gcw69PFyES2SYWZLrATuRYTwXrIhoDg2u5frXHQ4FGiVJQayTBjc9eo6VkAQaUQryBTp-A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MjQ1OTg0LDY3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYXR0eWJpbi51cy8iLG51bGwsW1s4LCJvbEMwc2syMUptMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

087f73a6cde94fe40a831f97a6a091dcc5465fd47d4ac68e93f685a8647679d0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tWpKJiL92H3CzODdwipgUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQ-3hdYQ0BYiEejgV3z21nEzhw6PhFJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA0sjYz0Do_gCAwA2hkm8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tWpKJiL92H3CzODdwipgUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVye-7dWbXxFNsR8ee-0mHWxntZn6G-cE_3mzt2s9caeMfM3wGsK6NvL_5ZmVdQVOWF9QbKC2zH0aqtWDWcQzs3yvMsk0t6N_tkrAwuifhEPQtxp_oPghTAkJNppoIzoQhyxG_JlQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 89ms
85ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVye-7dWbXxFNsR8ee-0mHWxntZn6G-cE_3mzt2s9caeMfM3wGsK6NvL_5ZmVdQVOWF9QbKC2zH0aqtWDWcQzs3yvMsk0t6N_tkrAwuifhEPQtxp_oPghTAkJNppoIzoQhyxG_JlQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MjQ1OTg0LDc1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hdHR5YmluLnVzLyIsbnVsbCxbWzgsIm9sQzBzazIxSm0wIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d115781e71b405a4c4de9954e837a4d456bce86edf0f7d0696b596af18d309c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GakUqgunIUg_ttTTqvAo0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJiCNCQYjhx6zbTBSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUH4iURF1mPJF5kNVS4xOoMxI5Fl1g9gfj-ukusz4F478dLrEeBeOn9y6xrgbhI4gprCxD7eF1hDQFiIR6OBXfPbWcTWDFpejOzkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBpZGxnoFRfIEBAJJeThE"
content-security-policy: script-src 'report-sample' 'nonce-GakUqgunIUg_ttTTqvAo0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxVg0SKJeOB5Mmi-HAxDPCmErgvzN2RRvCMAj-S1_JnHYFfBYt0JM05oYH_dVay3r3bq7UdkzfyHSpTyRN3rb_LlmFOgjUTg3y1I0ngrSAvdoEB5WG3g3dhnFl2sR9pPbK2dn-Pbvg== Show response
fundingchoicesmessages.google.com/el/ 0
379 B 78ms
77ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVg0SKJeOB5Mmi-HAxDPCmErgvzN2RRvCMAj-S1_JnHYFfBYt0JM05oYH_dVay3r3bq7UdkzfyHSpTyRN3rb_LlmFOgjUTg3y1I0ngrSAvdoEB5WG3g3dhnFl2sR9pPbK2dn-Pbvg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6TU85MKFvSOU8F-tzF4tvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51N4MS3WUuYlVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgaWRsZ6BeXyBAQCgjzNR"
content-security-policy: script-src 'report-sample' 'nonce-6TU85MKFvSOU8F-tzF4tvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ== Show response
fundingchoicesmessages.google.com/el/ 0
378 B 58ms
57ms XHR
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWOjjq0sGmWQl8x_hj3FgxY_Goc0qi3HK82-GTZigUQNjSbJELZfV08T43q16vPg_y24P_7FhA9_p0Gl4TeE-YRmKAqxRsZkT-kY1BjgIn6jZt0sAPvqnvEs70bI1TeiSPA1x7TQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-suF2dBXr6TeCanS1TIKuWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://attybin.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4Ftw9t51NoGPOhcXMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNLIWM_APL7AAACC6TLs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-suF2dBXr6TeCanS1TIKuWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://attybin.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 utils.js Show response
attybin.us/ 6 KB
2 KB 117ms
116ms Script
application/javascript 2606:4700:3030::ac43:c151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://attybin.us/utils.js

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30bcd909569b225df42d8c8146e69037d34a5b8cece5bd56099fce97d8b6f307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbQvUwxRgElQej8ywOPKm0Bq%2BoMhs3hgwweBZmY%2BmtfbQzvj%2BWZSK8FTev6nwcuQHQaGoAHjUK1BE5Ht0TIQiosq7xb47BVohH3%2FUsi9Ghad%2BvnASlV11eQrVVv3sk0VOKlzagorYETJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 26 Jul 1988 00:04:48 GMT
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: application/javascript
last-modified: Sun, 21 Jul 2024 13:28:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c88fb0dfc018c60-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 layout.css
attybin.us/ 7 KB
1 KB 62ms
62ms Stylesheet
text/css 2606:4700:3030::ac43:c151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://attybin.us/layout.css

Requested by

Host: attybin.us
URL: https://attybin.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Retw0zy68lYDEBJnkeJzb19FzJJ6%2FMv3aa4bwSxhCTEgtO5PGcXZ9AZocXK%2BCP2cCeJaUSRWqrt7Lm%2Fc0OpBcZo4ksQxyWkznJTUSxmUHEr0ltXPzNofJNI65mUbH3xGbOIetchB4klo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 26 Jul 1988 00:04:48 GMT
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2024 13:27:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c88fb0dfc048c60-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 118ms
118ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240923&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409190101/show_ads_impl_fy2021.js?bust=31087413

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7981444af557c0a7c5830039699df1fafa626970c74af98973117b5b245ee46c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13046
date: Wed, 25 Sep 2024 06:33:04 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon.ico
attybin.us/ 1 KB
1 KB 49ms
49ms Other
image/x-icon 2606:4700:3030::ac43:c151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://attybin.us/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:c151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64de4f5228467a41bb1aab51b9c0d73b191ec9dbb4e4256314fa2e09c5e8b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://attybin.us/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 108909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZ51WTr9Z2Vc5Y9aX%2Fi4z%2BicwRoRS92GKFKJdEEorvpbd0hecRAYZF1%2BOMXTTOPCysvJr6aErPryYEgWElRRlQqkPMJqWRdohi3tKrffHRrWjgYlM3fQRbUuH2jcu8wi%2BIyfugKOIyhn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 24 Jul 1988 17:49:39 GMT
date: Wed, 25 Sep 2024 06:33:04 GMT
content-type: image/x-icon
last-modified: Sun, 21 Jul 2024 13:28:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c88fb0e0c098c60-EWR
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 155ms
30ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: attybin.us
URL: https://attybin.us/layout.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://attybin.us
Referer: https://attybin.us/

Response headers

age: 8491
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 04:11:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 04:11:34 GMT
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15920
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 169ms
45ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: attybin.us
URL: https://attybin.us/layout.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://attybin.us
Referer: https://attybin.us/

Response headers

age: 202
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 06:29:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:29:43 GMT
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15744
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 199ms
74ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: attybin.us
URL: https://attybin.us/layout.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://attybin.us
Referer: https://attybin.us/

Response headers

age: 564606
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 17:42:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 17:42:59 GMT
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15740
x-xss-protection: 0
server: sffe

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.attybin.us/	1970-01-21 09:23:25	Name: _ga Value: GA1.1.1940668083.1727245982
.attybin.us/	1970-01-21 09:09:01	Name: __gads Value: ID=27aa89347895b3c2:T=1727245982:RT=1727245982:S=ALNI_MYSc0UTiIWMiH0NtviB1hyAhFXDLA
.attybin.us/	1970-01-21 09:09:01	Name: __gpi Value: UID=00000f04c7b81114:T=1727245982:RT=1727245982:S=ALNI_MaaWRrGL-fB9kpxH8Rm-1SCmMfsng
.attybin.us/	1970-01-21 04:06:37	Name: __eoi Value: ID=d9cb245ea76005e0:T=1727245982:RT=1727245982:S=AA-AfjZD4qWbmdNvzH1e-mJNfCv8
.doubleclick.net/	1970-01-21 09:23:25	Name: IDE Value: AHWqTUkHh0nmBsbMyRcL9v4W8p96_owgblKnHLO2ly0pEKu4etcZOCBRrrFEwBDSzQM
.googleadservices.com/	1970-01-21 01:57:01	Name: ar_debug Value: 1
.attybin.us/	1970-01-21 09:23:25	Name: _ga_4BLNRSC20J Value: GS1.1.1727245982.1.0.1727245984.0.0.0
.media.net/	1970-01-20 23:57:30	Name: data-exp Value: setstatuscode~~1
.media.net/	1970-01-21 08:33:01	Name: visitor-id Value: 3702475849660539000V10
.media.net/	1970-01-21 00:07:35	Name: data-g Value: CAESENRkP2HYy2QnGuqYrfGO2XQ~~6
.adsrvr.org/	1970-01-21 08:33:01	Name: TDID Value: 3b64d1be-478a-4b55-8c06-cf91f6b190c1
.attybin.us/	1970-01-21 08:33:01	Name: FCNEC Value: %5B%5B%22AKsRol9nN43fpBm13mnlI8_alPCkXIXNl8AQS_zz8vbo8DKRWyhJAItdU8NjPX3YGZUWZVTqM-ld17o0s3uAxJQ5ObcoiqKCmBX1Sq0Mv0WSa6R0swj66ipGuHjYuVJF-E2_2jHKaognc5FH-AQV4uY8cA0-OPbIyQ%3D%3D%22%5D%5D
.adsrvr.org/	1970-01-21 08:33:01	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjm7Oqavs2uPRAFGAUgASgCMgsIormHx9TNrj0QBTgB
.tapad.com/	1970-01-21 01:13:49	Name: TapAd_3WAY_SYNCS Value: 1!6462
.tapad.com/	1970-01-21 01:13:49	Name: TapAd_TS Value: 1727245984607
.tapad.com/	1970-01-21 01:13:49	Name: TapAd_DID Value: 9caef0ea-61e2-4c24-b944-812e8c0931e6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attybin.us
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
tpc.googlesyndication.com
2001:4860:4802:36::178
2606:4700:3030::ac43:c151
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2002
087f73a6cde94fe40a831f97a6a091dcc5465fd47d4ac68e93f685a8647679d0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2aca87d60c8a5521edc60cf9ace4ee411e0555ed9c1ac10a92ae00357b16d5ea
30bcd909569b225df42d8c8146e69037d34a5b8cece5bd56099fce97d8b6f307
3eaf7686cb8c89044dc75e63477f8bbde8d99745b8527c20b4e219a3c4f3b8ca
66f1eacf2c07fa53a6d21bfe798be649be633e677b425d2fa43359bfbb709fb4
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
7981444af557c0a7c5830039699df1fafa626970c74af98973117b5b245ee46c
7bcaaaa0e0da9f6a4ee30c77489057e38b10573fddd2e227c2a9ea718e65880f
837e9bb566e19b80eafe945080ebf910084b443b9d62b7aad7dda4d21dd214c2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b64de4f5228467a41bb1aab51b9c0d73b191ec9dbb4e4256314fa2e09c5e8b74
c9cf3e89dbf4c881d6846d97aedd20c6a259737452c1bcf17571262a71c1c050
d115781e71b405a4c4de9954e837a4d456bce86edf0f7d0696b596af18d309c9
dc52eefebc5aaaf43f07a164ecc03669a834f4ed91e09f099609197243d816ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef7b4e928add077ac24b98668efe8f104904c2c5d767b83e73c25816089cd40b
f2d87c0597d40792dbe9334d9116bf70a7e35b8c342b7fd70d86b36ee0a61ad5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa640ef5c20d0740d250f30c61f0a42607f145300c5fa06a8e56bb40e6f5f3cc

attybin.us Open in urlscan Pro 2606:4700:3030::ac43:c151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

8 IPs

1 Countries

610 kBTransfer

1712 kBSize

16 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

attybin.us Open in urlscan Pro
2606:4700:3030::ac43:c151 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

610 kB
Transfer

1712 kB
Size

16
Cookies

38 HTTP transactions
0 data transactions