mub.me Open in urlscan Pro
2606:4700:3032::ac43:802c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mub.me/gixs
Effective URL:
https://mub.me/gixs
Submission: On October 27 via api (October 27th 2024, 6:49:37 am UTC) from US — Scanned from CA

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 10 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3032::ac43:802c, located in United States and belongs to CLOUDFLARENET, US. The main domain is mub.me.
TLS certificate: Issued by WE1 on September 24th 2024. Valid for: 3 months.

This is the only time mub.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3032::ac43:802c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c03::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:400d:c0d::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c01::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0c::5e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:400d:c01::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::69	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4004:c1f::71	15169 (GOOGLE) (GOOGLE)
60	16

18 2606:4700:3032::ac43:802c (United States)

ASN13335 (CLOUDFLARENET, US)

mub.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c0d::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0c::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c01::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c09::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c1f::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mub.me mub.me	231 KB
15	google.com analytics.google.com — Cisco Umbrella Rank: 147 www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	73 KB
10	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	548 B
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	257 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
2	gstatic.com fonts.gstatic.com	66 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	109 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
60	10

	Domain	Requested by
18	mub.me	mub.me static.cloudflareinsights.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	mub.me pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	analytics.google.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google.ca
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	mub.me
1	static.cloudflareinsights.com	mub.me
1	fonts.googleapis.com	mub.me
60	15

This site contains links to these domains. Also see Links.

Domain
safebrowsing.google.com
141.98.6.202

Subject Issuer	Validity	Valid
mub.me WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.ca WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://mub.me/gixs
Frame ID: D014BD473B3D933E523EE5B5FB3BF06A
Requests: 49 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-C4VHRTDQR4&gacid=154214655.1730011773&gtm=45je4ao0v9189668923za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848&z=1249939701
Frame ID: 4D40AB6D162FEECA87DC472B77142DFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: 014D64F2E3792E59473ED7C8AA66B028
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=3183847769&adf=779335780&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773312&bpp=4&bdt=843&idt=190&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=234547395361&frm=20&pv=2&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: CFCE13B93FA902AFE57C76E4258F1B73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=600&slotname=5482570082&adk=1047021597&adf=1706786280&pi=t.ma~as.5482570082&w=276&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=276x600&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773316&bpp=1&bdt=847&idt=237&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=247
Frame ID: 159054B373533B557EB012FD94A871D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=1386508694&adf=3178602382&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773317&bpp=1&bdt=848&idt=260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264
Frame ID: E2A0F9811D284B52AB0B44958BBFAE10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=3183847769&adf=2994839378&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773318&bpp=1&bdt=849&idt=272&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600%2C1200x280&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=275
Frame ID: 8A7ECDAA94E175FBD8BE8A7A1A8E63E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1730011773&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmub.me%2Fgixs&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773319&bpp=5&bdt=850&idt=281&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600%2C1200x280%2C1200x280&nras=1&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fsapi=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=293
Frame ID: C0A2F517568CD771414B4600F80EC6DD
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 6E35B7EC2107B0DAEF932E16B82A5F3D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C11607C6734BCA67569EA853148DAC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: DBCE6E10DEA6EBAA01BFBB81C144078D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: AC17F469F4F5B3BA7B29D53E34B94682
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mub.me | Suspicious link warning mub.me/gIxs

Page URL History Show full URLs

http://mub.me/gixs HTTP 307
https://mub.me/gixs Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

100 %
IPv6

10
Domains

15
Subdomains

16
IPs

1
Countries

765 kB
Transfer

2477 kB
Size

35
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://safebrowsing.google.com/
Title: safebrowsing.google.com

Search URL Search Domain Scan URL

URL: http://141.98.6.202/wer/www/000Oo0o0Oo00O0o000O00o0o0oo00O0O0O0O0OII0O0O000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300000000%23%23%23%23%23%23%23%23%23%23%23%23%23%230000000.doc
Title: http://141.98.6.202/wer/www/000Oo0o0Oo00O0o000O00o0o0oo00O0O0O0O0OII0O0O000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300000000%23%23%23%23%23%23%23%23%23%23%23%23%23%230000000.doc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mub.me/gixs HTTP 307
https://mub.me/gixs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request gixs Show response
mub.me/
Redirect Chain

http://mub.me/gixs
https://mub.me/gixs

18 KB
6 KB

856ms
445ms

Document
text/html

2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5096408dcc850b6a432f6e2ce3d5906edb1957e11584e7a0fb3fc35676b0979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d90bf25ffc5de9a-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 27 Oct 2024 06:49:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8OIV53tkWPneBzaakSmTHlQzJc3DJ7NZERGAqFwcokjhJcl4CWpMfKwqw2q87w5rTl3LT5SbFxCAb3xBgXDFBiQ3Wt2rL7ay2krywzg4BySYotUsIvXryNkGtQl6JhjwL5uim%2Bg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=48078&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4257&recv_bytes=4475&delivery_rate=422&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=750&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://mub.me/gixs
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 285ms
75ms Stylesheet
text/css 2607:f8b0:400d:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

739435046eda17230db88dd6419b48977f47fab128c6596948a9cb67e667235f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:49:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 27 Oct 2024 06:49:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 vendors.min.css
mub.me/app-assets/vendors/css/ 50 KB
4 KB 100ms
97ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/vendors/css/vendors.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d347e06ff2ffe8991e6d81d2de76702a6fdd3be880adb7339082283a65c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-c909"
age: 1557372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvL%2FlFH8E7yDOI5%2FmG%2FXkkW%2F3gMP4MxQAibVXVCCKkdqMnZVpkoH34m%2BHf6zmzBW4VLJHdzEgaPtsphb33rBkA0PZRKE%2FULm1ZDXHONGHjIGqwtNNoboYYbaI5Cs0IPa2SrVlFI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 06:13:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1022&x=1", cfExtPri, cfHdrFlush;dur=42
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1ca3de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bootstrap.min.css
mub.me/app-assets/css/ 218 KB
31 KB 100ms
98ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/bootstrap.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b56726d52a7029010c5f03bcb7bf501a5aa2be3dd645ad0edc24f27bf2df66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-367fc"
age: 1824407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddedJmBS3fdyaOg2wu1LZGbwn17iF9RxR1t0Y%2FAFRdeXPTkdjARXoyCnibc2pK%2B13U2Vu5vtebZEcO3tXcE%2Fyp7boyLaH8v%2BjHIRKYsfJVdlEoO2w41mHdIKQYs4kTzUbKly7ks%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 04:02:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=41
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1ca4de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bootstrap-extended.min.css
mub.me/app-assets/css/ 70 KB
12 KB 140ms
138ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/bootstrap-extended.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fcca537bf8bc67ac1e899a59c5049abe6d8d771a9b1ee2a9e60b90d927caab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-11893"
age: 1557371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrZzJkQ9ZIlGDovy63bQ07ptNWn3I%2BSnmrWmZ6z%2BYa5ecDgDr6vIXiDg2fFAhwfa%2BQUg7HveMfBr6Z4LIBsz%2F%2Fgcq72V38WIfRqFZ12u9rXES2XV%2F7e27fl19hxgzQds6KzyseY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 06:13:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=41
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1ca6de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 colors.min.css
mub.me/app-assets/css/ 59 KB
7 KB 142ms
140ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/colors.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2085c6f7575e4d3ad73a5041212d120b0f8550f439744da02d64d8c77cf41252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-eba4"
age: 1557371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HklvXmhQnZBRymOWyj0dlHfHbq4fxWrfKuyO44Oai9jALhWYQRqFEL8ZPTDUEbyeOcHO9LSsju7%2FuTIL0ubpe1iZrzsn86sQQd7o0El%2BUcweuhc2ugJafablqlPAtZudsKUVXY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 06:13:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=41
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1ca8de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 components.min.css
mub.me/app-assets/css/ 80 KB
13 KB 57ms
55ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/components.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a97c54b6de39c75cbaab48be0bc0f3777bea8ca945be7df72f46cd8e58cbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-14171"
age: 442696
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ud4FZ8ZWqG%2F%2F6sH2y3ZGIJp9t7bIpuz4CgIw2Cz3mRxovdnLQvKHBRGCZ8JWQGJyT3HGpjuSMtxLi6Iz%2F25kVUbTqDvIXUzZnMMZcK2AGf6t6%2BKDK%2BpW66va%2FFvuHPsQApf5xjs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 03:51:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=21&recv=22&lost=0&retrans=0&sent_bytes=10520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1022&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1ca9de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 dark-layout.min.css
mub.me/app-assets/css/themes/ 75 KB
16 KB 141ms
139ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/themes/dark-layout.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b27423345e2ce4d08e90c1f05c82935c69b6da1e1a8f711364f0ca17f645a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-12def"
age: 1557371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4bAAW5FZm21mS1VtyAYx9rQhWA9c0ICA%2FX0z%2FSHJWAbJn4Shq3HcljxjGyz3APfj4%2B%2F1%2Fzr%2FUGumne8QMZng4YgKTxExBrSM8NXX0MonIGieBsw2aIOsvAkZWqEm6LlfK7BLpU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 06:13:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=41
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1cabde9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 horizontal-menu.min.css
mub.me/app-assets/css/core/menu/menu-types/ 19 KB
3 KB 180ms
178ms Stylesheet
text/css 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/css/core/menu/menu-types/horizontal-menu.min.css

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bb6e9f4c73d85eeafd0d65f3b2c1dd35d2c1fd5503ff26faea594924885430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7371-4b66"
age: 1557370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zz%2FD21MV08c8WpEeGq966NzRDYJKMz3Vdh7Wj7PKjE9Qy9gv7G63DfPxvPYm17jb7PqM6Qpi1ax13GpSyHNd0m%2BPkfMYeCD%2BFtY7n8kk8N8eVG2d8%2FakO1CEFChfkRHbjcX4NTg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 06:13:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45941&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22520&recv_bytes=10959&delivery_rate=146724&cwnd=12000&unsent_bytes=0&cid=6c733925fba6d575&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=41
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2a1cadde9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 154ms
149ms Script
application/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: mub.me
URL: https://mub.me/gixs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67180f7e-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knihYi%2BBc9Mc3idEifxmVTyePkMfuOo6ORtbDRJ%2BOBCJGdQmCiMg%2BDBAcCcuK2y42y3jzZCmuvV8WCOaKz7bf0gu%2FE5mCxXaNr6AVNp1LFBK6w8pUtHHpCyjG0%2BEOt5byWyG9Ho%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d90bf2a4d28de9a-EWR
expires: Tue, 29 Oct 2024 06:49:32 GMT
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 20:47:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 251ms
66ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: mub.me
URL: https://mub.me/gixs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://mub.me
Referer: https://mub.me/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d90bf2b6deac339-EWR
access-control-allow-origin: *
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 app.js Show response
mub.me/js/ 3 KB
2 KB 51ms
50ms Script
text/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/js/app.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

717e3da2d782fa07dc96a891025de4a7d3f2caa1ff490937aa24e335c69ba1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"668d7372-a6b"
age: 570237
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTh78DNsF3JB28K%2Fu4rfjHEC6WLoLZtMk%2FtcWKb150XLS3wcKj7S%2B3kw%2BqyGtEBpMW6LsennNhOqsBzsdW%2BFY%2FDH1%2FiM7QX8Aali%2B8Knw3CdcNEZrKTOV%2BvvKVDJJQGjTO4zg7w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:25:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=116&recv=72&lost=0&retrans=0&sent_bytes=106741&recv_bytes=18180&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1306&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bef36de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app.min.js Show response
mub.me/app-assets/js/core/ 18 KB
6 KB 55ms
52ms Script
text/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/js/core/app.min.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa3d92c2bbe23366cdf81964eb52cd8497a95dac318a3f1fc67194d04da3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-49f5"
age: 1543698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuu22t39Tv%2FyaiefwSmvtE8Bjce8wQ2iLvoIsajDgYZ5qbQw3wjYTyHqTRbMegiH3hgYPohVPnELyO2QiESQifY3y5MdXg5uwq1pLRb3aE%2BL%2Fv1DEj5rRgsjK9k8ulajpnOkWx0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 08 Nov 2024 10:01:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=119&recv=73&lost=0&retrans=0&sent_bytes=108511&recv_bytes=19143&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1310&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bef3cde9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app-menu.min.js Show response
mub.me/app-assets/js/core/ 15 KB
4 KB 61ms
56ms Script
text/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/js/core/app-menu.min.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25ddd38090949542d96065d7671d0f4e92ef8f065ea395c2dbdef533770ae0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-3c7b"
age: 1792097
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cexNei0Fsw1wIBVYWVTmL4RvzVwOTfF9jxD9jWx%2F2zx2b7BcbuOHzrqnwVUiwRXw4xJnAI9%2B3GxnYgqnVmfk8Evjl7%2FP9LCjAFgj1hcI1pQd%2BbwDdMJ8aODVrUShPKV5DymOx8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 13:01:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=129&recv=73&lost=0&retrans=0&sent_bytes=118032&recv_bytes=19143&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1318&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bef49de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery.sticky-kit.min.js Show response
mub.me/app-assets/vendors/js/ui/ 3 KB
2 KB 56ms
51ms Script
text/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/vendors/js/ui/jquery.sticky-kit.min.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

828975d22b3e8af285d3885248884273e11c09d6406874ed4793164eef285f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-cc3"
age: 872788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHxr2lI6XZWUy2cwU%2BC66ufvpY%2F1KAlnWfh1TYyASGlwTP0GqRyYIomt%2BUy12OhskcATsPZ9czC96GTsYAH%2F46QlU8%2BKCzOOaujT67gzOvWRzAwEW5E7XjVOZupECu1soLh49Ps%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 04:23:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=125&recv=73&lost=0&retrans=0&sent_bytes=114589&recv_bytes=19143&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1312&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bef4cde9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 vendors.min.js Show response
mub.me/app-assets/vendors/js/ 386 KB
115 KB 65ms
60ms Script
text/javascript 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/vendors/js/vendors.min.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91819cc6f4e560cd014d6078458f22b3042053e4c365cb05a36adc624703a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-6077f"
age: 982074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0NSruNACgEfWmeGj%2FibLUuyIihB3Ee8gI8dHWH8JoXhSdgFwqfJtR%2BCLOW29Kc7F%2BrF8j8iD2FhyPnKKKmfsouNRxh3FMBQEq0BSie%2Fke%2BmDnVBfnBQfW40ldoPXu1R8B4iHwk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 22:01:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=133&recv=73&lost=0&retrans=0&sent_bytes=122681&recv_bytes=19143&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1322&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: text/javascript
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bef4dde9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
53 KB 402ms
109ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

204b3748e8e1de00e5c3261c11e4cb22b6990b5bbcaf40e520fd103cdb6a4402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: br
etag: 2796442358266118004
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53958
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
109 KB 389ms
95ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C4VHRTDQR4

Requested by

Host: mub.me
URL: https://mub.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20bbfd7605aec88324cadbefddb25063faadab866d71df9ec9e491261eae605c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 06:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111322
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gb.svg
mub.me/app-assets/fonts/flag-icon-css/flags/4x3/ 989 B
1 KB 51ms
50ms Image
image/svg+xml 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mub.me/app-assets/fonts/flag-icon-css/flags/4x3/gb.svg

Requested by

Host: mub.me
URL: https://mub.me/app-assets/vendors/css/vendors.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5a4d65bdad10b6194662ff908b27d179a158aa6760079652771db519329204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/app-assets/vendors/css/vendors.min.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"668d7372-3dd"
age: 296388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ebjg5%2BWHQiTEXow4aN1Wk3PkLMQIf%2BPpuZ%2B9xzzHuy%2FtrfXl7J8ZujXhUn36BgPpcgzjEIT6EPbD4LZTeVGAVV3B62Hg5JxvES20BcbqKZIIuKnpBFasyqqxiQUUcKMlp9thJ9o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 20:29:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43722&sent=127&recv=73&lost=0&retrans=0&sent_bytes=116768&recv_bytes=19143&delivery_rate=951965&cwnd=55200&unsent_bytes=0&cid=6c733925fba6d575&ts=1317&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:32 GMT
content-type: image/svg+xml
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2bff63de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 304ms
56ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://mub.me
Referer: https://fonts.googleapis.com/

Response headers

age: 364970
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 01:26:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:26:43 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 309ms
61ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://mub.me
Referer: https://fonts.googleapis.com/

Response headers

age: 260005
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 06:36:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 06:36:08 GMT
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34288
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
mub.me/ 0
681 B 398ms
398ms Other
image/x-icon 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs

Response headers

cf-cache-status: REVALIDATED
etag: "668d7372-0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iWYZAv4fkFl1gURAkEZrUlG4rT4XRzdEMehN7PSgSOTOo%2FikcL7TkARmlYuS%2BLBMVaYpH%2F%2BE4lawyqGvBXEgbKAC7Y6teMsVIrMUruNsD0Lz6TMdPAJbpB5Wx%2FciqN5KdTKM3Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49390&sent=241&recv=93&lost=0&retrans=0&sent_bytes=246107&recv_bytes=24510&delivery_rate=42914&cwnd=99600&unsent_bytes=0&cid=6c733925fba6d575&ts=2118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: image/x-icon
last-modified: Tue, 09 Jul 2024 17:29:22 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2ecb2bde9a-EWR
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 326ms
143ms Fetch
text/plain 2607:f8b0:400d:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C4VHRTDQR4&gtm=45je4ao0v9189668923za200&_p=1730011773191&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848&cid=154214655.1730011773&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730011773&sct=1&seg=0&dl=https%3A%2F%2Fmub.me%2Fgixs&dt=mub.me%20%7C%20Suspicious%20link%20warning%20mub.me%2FgIxs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1887
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4VHRTDQR4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mub.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 259ms
85ms Ping
text/plain 2607:f8b0:400d:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C4VHRTDQR4&cid=154214655.1730011773&gtm=45je4ao0v9189668923za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4VHRTDQR4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mub.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4D40 0
0 257ms
83ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-C4VHRTDQR4&gacid=154214655.1730011773&gtm=45je4ao0v9189668923za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848&z=1249939701

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4VHRTDQR4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 208ms
62ms Image
image/gif 2607:f8b0:400d:c0c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C4VHRTDQR4&cid=154214655.1730011773&gtm=45je4ao0v9189668923za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=957661674

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 27 Oct 2024 06:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/ 435 KB
145 KB 82ms
82ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b16cdbe7c07e446bd07dd84df2f8eb7e94ff625fc726ac773f85328ea23baa56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: br
etag: 136933858786132635
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148304
x-xss-protection: 0
server: cafe

GET
H3 200 en.json Show response
mub.me/app-assets/data/locales/ 5 KB
2 KB 139ms
139ms XHR
application/json 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/app-assets/data/locales/en.json

Requested by

Host: mub.me
URL: https://mub.me/app-assets/vendors/js/vendors.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c74dbee3f35926d53ea3be39014be8219d412fbc0642bce70ff4953241e847ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/gixs
X-Requested-With: XMLHttpRequest

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"668d7371-1317"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7D4uVStTUKxVrNfWZGLceFT5ueOomPf%2BT6Xi0p9f7RRDerbYLGu1g57WCKdYMwfXInGQom4XpmRX30U3sNcDbgwnUFv30lU7IRObndSiNrDBZf2yeCp%2Bm4EB%2FJ%2Fa0ofyciF7ZX8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=50155&sent=239&recv=92&lost=0&retrans=0&sent_bytes=243748&recv_bytes=24465&delivery_rate=824&cwnd=99600&unsent_bytes=0&cid=6c733925fba6d575&ts=1975&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 27 Oct 2024 06:49:33 GMT
content-type: application/json
last-modified: Tue, 09 Jul 2024 17:29:21 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d90bf2f8c89de9a-EWR
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 204 rum Show response
mub.me/cdn-cgi/ 0
135 B 49ms
48ms XHR
text/plain 2606:4700:3032::ac43:802c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mub.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:802c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://mub.me/gixs

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d90bf2f9c98de9a-EWR
access-control-allow-origin: https://mub.me
date: Sun, 27 Oct 2024 06:49:33 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame 014D 0
0 352ms
70ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 71046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 11:05:27 GMT
etag: 13108003645644964576
expires: Sat, 09 Nov 2024 11:05:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame CFCE 0
0 471ms
202ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=3183847769&adf=779335780&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773312&bpp=4&bdt=843&idt=190&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=234547395361&frm=20&pv=2&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:33 GMT
expires: Sun, 27 Oct 2024 06:49:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 222ms
102ms XHR
application/json 2607:f8b0:400d:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5cb99f3b169d1f002385397ffcce4720439d2abd56fcb206b617b183af5c420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12866
date: Sun, 27 Oct 2024 06:49:33 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1590 0
0 491ms
246ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=600&slotname=5482570082&adk=1047021597&adf=1706786280&pi=t.ma~as.5482570082&w=276&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=276x600&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773316&bpp=1&bdt=847&idt=237&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1181&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=247

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18070
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:34 GMT
expires: Sun, 27 Oct 2024 06:49:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E2A0 0
0 486ms
259ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=1386508694&adf=3178602382&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773317&bpp=1&bdt=848&idt=260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:34 GMT
expires: Sun, 27 Oct 2024 06:49:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A7E 0
0 415ms
198ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&h=280&slotname=5482570082&adk=3183847769&adf=2994839378&pi=t.ma~as.5482570082&w=1200&abgtt=9&fwrn=4&fwrnh=100&lmt=1730011773&rafmt=1&format=1200x280&url=https%3A%2F%2Fmub.me%2Fgixs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773318&bpp=1&bdt=849&idt=272&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600%2C1200x280&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:33 GMT
expires: Sun, 27 Oct 2024 06:49:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
61ms Image
image/gif 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=header-navbar%20navbar-expand-lg%20navbar%20navbar-fixed%20align-items-center%20navbar-shadow%20navbar-brand-center%20bg-primary%20navbar-&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 27 Oct 2024 06:49:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame C0A2 0
0 570ms
373ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6448705876924637&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1730011773&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmub.me%2Fgixs&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730011773319&bpp=5&bdt=850&idt=281&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280%2C276x600%2C1200x280%2C1200x280&nras=1&correlator=234547395361&frm=20&pv=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789&oid=2&pvsid=857163677349597&tmod=42285215&uas=0&nvt=1&fsapi=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39469
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:34 GMT
expires: Sun, 27 Oct 2024 06:49:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 265ms
91ms Script
text/javascript 2607:f8b0:400d:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:49:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6E35 0
0 283ms
85ms Document
text/html 2607:f8b0:400d:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:14:24 GMT
expires: Sun, 27 Oct 2024 07:04:24 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7C11 0
0 263ms
73ms Document
text/html 2607:f8b0:400d:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b5IMph_-awFVa7myMyhp0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-b5IMph_-awFVa7myMyhp0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Oct 2024 06:49:34 GMT
expires: Sun, 27 Oct 2024 06:49:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/ 178 KB
60 KB 74ms
74ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/reactive_library_fy2021.js?bust=31088398

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a46fbf7533b43cf3ce144b266233ca4cc914d84228a87f483689b2398dc8b5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: br
etag: 7791658030026748320
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:49:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 61004
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-6448705876924637 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 291ms
106ms Script
application/javascript 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6448705876924637?href=https%3A%2F%2Fmub.me%2Fgixs&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1cd2d855de937b4df2e37503cb50e9d278e7844de4193f7bee2d5ec03ec43f2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sxEaCqgax0GMI7Zl-y8nsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBz_jnzfwSaw4MjHN4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYAApdJ_g"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sxEaCqgax0GMI7Zl-y8nsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6448705876924637&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20241023_103822&sat=1729904413246&afm=2%2C0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.416&alldns=0.416&allp=5&pgh=2114&abl=false&rr=n&su=mub.me&pvc=857163677349597&r=0.1&eid=44759875%2C44759926%2C95331833%2C95332923%2C95344190%2C95345271%2C31088398%2C95344978%2C95345789

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 27 Oct 2024 06:49:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 169ms
59ms Fetch
text/html 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://mub.me/

Response headers

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 233ms
67ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/am=DAY/d=1/rs=AJlcJMzOfT23p6gl782x6caagEj2Qw2IaA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B3zbSFOmQNc9sYy6EdSQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-Hfk-w42gR1rj_1kUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAKOSLu0"
content-security-policy: script-src 'report-sample' 'nonce-B3zbSFOmQNc9sYy6EdSQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxU-kA6nUo91T2_6qg_4QacxkPjaAu3e5yVLTJhVhOlLdJ7KUNNkuaNBjyoT5d4S-QqO0N-1yEyKzt3NuAiAFnpTYFkvkJfedJDAIyWHAABG8PJeTLS7kWY8v9tulDzb-uXeNz6-Hg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
76ms Script
application/javascript 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU-kA6nUo91T2_6qg_4QacxkPjaAu3e5yVLTJhVhOlLdJ7KUNNkuaNBjyoT5d4S-QqO0N-1yEyKzt3NuAiAFnpTYFkvkJfedJDAIyWHAABG8PJeTLS7kWY8v9tulDzb-uXeNz6-Hg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDExNzc0LDYxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tdWIubWUvZ2l4cyIsbnVsbCxbWzgsIlo3ZnhWeldjSEs0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f363a663cf20b701914cfda6c7c1d1346907187bbd472090e6195a9170756187

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3EyhK_J02s8zO8AuGcxxSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBz_jnzfwSZwoW37HiYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIyM9A4P4AgMA5zVJfQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3EyhK_J02s8zO8AuGcxxSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame DBCE 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 71046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 11:05:27 GMT
etag: 13108003645644964576
expires: Sat, 09 Nov 2024 11:05:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame AC17 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mub.me/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 71046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 11:05:27 GMT
etag: 13108003645644964576
expires: Sat, 09 Nov 2024 11:05:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 58ms
56ms Fetch
text/plain 2607:f8b0:400d:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C4VHRTDQR4&gtm=45je4ao0v9189668923za200&_p=1730011773191&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848&cid=154214655.1730011773&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1730011773&sct=1&seg=0&dl=https%3A%2F%2Fmub.me%2Fgixs&dt=mub.me%20%7C%20Suspicious%20link%20warning%20mub.me%2FgIxs&en=ad_impression&ep.query_id=CIPE84n8rYkDFYVlRwEdVqg4ZQ&_et=1197&tfd=3302
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4VHRTDQR4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mub.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 AGSKWxW8YAepnsnvHavKZVu4aaeFEhtshu3vaOXTf9Yzm0NrC1xLohwHdkV68JL86W9I4VXLrtaOUcmTKRURGWfkfFLBAzVebdEIGaa7pHIOo9aGR7vT6BSMcRn5v2Z-gNkXb96mJmbhdw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 104ms
102ms Script
application/javascript 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW8YAepnsnvHavKZVu4aaeFEhtshu3vaOXTf9Yzm0NrC1xLohwHdkV68JL86W9I4VXLrtaOUcmTKRURGWfkfFLBAzVebdEIGaa7pHIOo9aGR7vT6BSMcRn5v2Z-gNkXb96mJmbhdw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDExNzc0LDcwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbXViLm1lL2dpeHMiLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e21d4cb7b09881e723109a3442105dd616ab86f63d66f43a55143b61634ce3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-afLQ67b7AY85utYifdOt_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBz_jnzfwSZw4f6ML0xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYA91hJ6Q"
content-security-policy: script-src 'report-sample' 'nonce-afLQ67b7AY85utYifdOt_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 c_ad.aspx Show response
fundingchoicesmessages.google.com/f/AGSKWxX1CCNtUbmmbizcQVn8UNDxNkZJVQqDYJTY8WooppM7J_iRKAJXHCZKR8h7v5plLaG3z6pj1CONPIJvrHR1R6y0JeHGVd74elN93YgFZ2943V5rFJXnMXRcLUSyIObSUJzDczahygqHYCkdZcLDxqDVgyUyV... 54 B
109 B 70ms
69ms Script
application/javascript 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1CCNtUbmmbizcQVn8UNDxNkZJVQqDYJTY8WooppM7J_iRKAJXHCZKR8h7v5plLaG3z6pj1CONPIJvrHR1R6y0JeHGVd74elN93YgFZ2943V5rFJXnMXRcLUSyIObSUJzDczahygqHYCkdZcLDxqDVgyUyVev2xZbDRmGFTPFI8nVv-Kf_obiTQtbp/_/ad/banner./ads-1./c_ad.aspx?/adcore.-ad/source/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Z7fxVzWcHK4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxuVcR4z_ar3ILCbuu4kOfZio42Ig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4731b2e9bc04dfdc428c6569836cc1216a8b61e67463243c3100041feef9c84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XAIfirDKVyzENQhEyYnGpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBz_j3zfwSbw4tfXR4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGRkZ6BgbxBQYAFABKcA"
content-security-policy: script-src 'report-sample' 'nonce-XAIfirDKVyzENQhEyYnGpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 54ms
54ms Script
text/javascript 2607:f8b0:400d:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: br
etag: 16023549773543154165
age: 2981
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 06:59:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 27 Oct 2024 05:59:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 51
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 68ms
66ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cg5lB0blD48LWhZ2SOrfpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gRX_dzxkVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAKp6LwY"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cg5lB0blD48LWhZ2SOrfpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 130ms
129ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5TBblxz1HrmNhuTToDDr9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gRcdH2YxKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAJNrLrk"
content-security-policy: script-src 'report-sample' 'nonce-5TBblxz1HrmNhuTToDDr9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
69ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PUzq354C6N9Aq73IZAyG5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gY6dN1uYlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJIRDrGZjHFxgAAHe2Lls"
content-security-policy: script-src 'report-sample' 'nonce-PUzq354C6N9Aq73IZAyG5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
77ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TgZLDD1kUlGNmlzPz1MDag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gRmLp3YxKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQyDWMzCPLzAAAGVGLhk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TgZLDD1kUlGNmlzPz1MDag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUnvv5bnUMH8DpsDkh_KVG1iTLgyq_bsSO5Te6yuo4TqeQ5DZ2Gl4ixkqbMJfNNHC8STb3IRQ-7TzV2mtGXyh6fK56XQfux6al0_r6fKh1xRh5QiympuIn09EDjMlh7P1K1FZ9F7w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 72ms
72ms Script
application/javascript 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUnvv5bnUMH8DpsDkh_KVG1iTLgyq_bsSO5Te6yuo4TqeQ5DZ2Gl4ixkqbMJfNNHC8STb3IRQ-7TzV2mtGXyh6fK56XQfux6al0_r6fKh1xRh5QiympuIn09EDjMlh7P1K1FZ9F7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMDExNzc1LDUxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tdWIubWUvZ2l4cyIsbnVsbCxbWzgsIlo3ZnhWeldjSEs0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90e64ae2cba827754b47610e491759a9edab5475cfe0d86cfc8f2eafb4f8860f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7gtlrSdrTE4U-1n_lDaf-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mub.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_Hej5dYjwJxkcQV1gYgvt10hfUxEDN8vcLKAcRCPBz_j3zfwSbwYO7UDiYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIyM9A4P4AgMA4OpJUQ"
content-security-policy: script-src 'report-sample' 'nonce-7gtlrSdrTE4U-1n_lDaf-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXZeYNJwDGixnyMEhqOt6JXZBQBBcNiVe30441ZBmtqxPrmoEBG1ZMVGtKjlh4jazBa1BtJ9dGyba0CjT7ZdKYn6WKABoe10xyBkNQDle1GMYxrSgNkOjsD4w44d8kHxuLJ1BEgJw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
67ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZeYNJwDGixnyMEhqOt6JXZBQBBcNiVe30441ZBmtqxPrmoEBG1ZMVGtKjlh4jazBa1BtJ9dGyba0CjT7ZdKYn6WKABoe10xyBkNQDle1GMYxrSgNkOjsD4w44d8kHxuLJ1BEgJw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKKdP_uY0W7SZWx-sKdA1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gRurj69kUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAAI74Lq0"
content-security-policy: script-src 'report-sample' 'nonce-kKKdP_uY0W7SZWx-sKdA1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 68ms
66ms XHR
text/html 2607:f8b0:4004:c1f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXx1yVKo99EX7MAWKF8PUFopDuI-oVJeVBD4Ewq-3CQg7praoVmrqS0Vr1PSsnTCMJziue8YT6764SkILOAvPe9oPAaZdzOflaVPCFe_d83pXJACQiAKrZwfeqsQI2v22WQnDsMZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Saj71aO-cr-x7ICSYVqu1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://mub.me/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 06:49:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gXjvx0usR4GY4esVVg4gFuLh-H_k-w42gRdvvq5kUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhkCsZ2AeX2AAALhALzY"
content-security-policy: script-src 'report-sample' 'nonce-Saj71aO-cr-x7ICSYVqu1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://mub.me
content-length: 0
x-xss-protection: 0
server: ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=857163677349597&bg=!srGlsf7NAAZ-RxQpXkc7ADQBe5WfON2D6UF2dugMRheZ7qwoGGrW-hnlj2QFjwDOBsTD8DaQl6yDwo8cQCnXLw5erdJ6AgAAAEhSAAAABmgBB34ANjpBXQjBVIV02MM1tNIulYH5Iis8GBKQQvXkNRwKqytTd7_k1xYHNZI3I4oaSE9LjvZYbK4SKQoAd3qO0G91PCRCPTWGpKx1MOoJ0TZV-0fDgZU3FqOO0OIxVoPilBIRQ2_gwANz55d9-c-K9ZOat3BsVE2-71odKhXLzafYq01tZgjuMV84F3fOPR9FDeIQwRQKZBxrRfgpkv1aJYYTnOLfPxGd2cVego8KclbVCLw0mQKLPNZxlme2rYo6tXTIkj7wEmCFM6P0feCIze7p6FM92CQCj_o0xtA8r332weMOyZ8h0NCAo5JaKjDB0disBZ3PmuVKQo4EJmOumCyJNojN6HwhBaAKHq5D7wxNnN2aqUFcYhSzNCxd7daplqSDuph1h-aAkjpDND98TCT9BkkH8rzUmC_kBwE3zJxhEDLx1M43HcYE3MfvDBvG8KntiBwJf1kEcNSjb-pP7mWiSLz7cEl4HKBBdW2kgAIcP11aYWqpbpWP-MRALIjAsra7xLsMFdtpi8T09BGLymuoP2F7Wak-FUWMgnUYseu__xh3cGq67DUcoGiVgwINBY3mH3jY3YDfaRF9vo6Kzga3nEQKXHreBBRGigvIt1K8GMzZ8YHJ9W1zQxjrNb3XGhSu1U1-opnoVmAQ-XUmBaTVoDUlxlci9Gn3Q4UT_AOzjWKLkCHnJDlVEecn6dPT1rQT8Ebpe3liChLEf5zc8j3x3b8de25A39SUQfxZ-71BkPJurGwTW5Sk6H7stiUysGm9__yL0vC_LjZs_c-gPYaZcVb6IqBm5LwoDOg9AlUht3dLY8UICTatMW8nJZBitLWQVlf9y_Rcn8LKSVxVbLH72awf5CQtbTit4spzp1WlbjerI-xA3s2MwpuWI_DVkGctgK1tu4315mhAEYbsedcT1kuC9LEfUUhZDKAXc4yruLf8eO9Q_0h1LrNj_0HFbRP5FkiL2JFH0jrGvkrW5wHVmbHuA5aNUUgfSWg4O1T70oxK7TFXHzEpR0Ly5ylfNLHmIHhanZaLAqW_aLfLKoGNlqrgYM67UHqPh0IVUP6IbLx8etTNei4ZZ8NCXjMHVkFtYQODVgHd6cjZoo4c4kr0

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mub.me/	1970-01-21 00:33:38	Name: XSRF-TOKEN Value: eyJpdiI6IjVSOUdTcDJoQWY0b3RkbzNET0pya0E9PSIsInZhbHVlIjoiUng4QStQSlBDMjVwVm1xRSsyQnBQbnJZRmEyTXkvTEZNQ00vWDJNVkxvKzAyWEVYVStqQ1BhZE9laFFEeUw4ODJwRTNTZXJ1YXgzWU1IYWNYWEZRUWx3TEwxcFNGdGY0Q1RUZFVBdGR4T21acUYyNnp1LzJldFNQNGRTdE9TaFIiLCJtYWMiOiIzNGQxMDlmM2U0MTY3MjRjNjcyNTY5NDJjYTQ2ZTY4MjA4M2Y3ODY3MDc5NDc4ZDViM2ZkYTBhZjFmN2Q4ZDBiIiwidGFnIjoiIn0%3D
mub.me/	1970-01-21 00:33:38	Name: mubme_session Value: eyJpdiI6IjYxRWhzSi9FSVZUQ2ZkS0JjTTlsbUE9PSIsInZhbHVlIjoiUXAwbStwUkhxY0UrT05BL29ZZ1dJWFlZeDBSc01EZnJXSXorcktJa2Y0TDFXOER3RWNuM2xkaHYzZHk5NnYwZ3RoMkZzTVhiMW4vcVJPT01FeU1ZdGRJQ0RZd01WNzNXY1lKaU1tRnppZkh0eWJaLzU0KytBWVlqUmgyRFVSeTgiLCJtYWMiOiI0NDYyNmIwZTY0MTU5NWY4OWEzNDUyYWI4Yzc0ZDQxMThmMWI3OWQ2ZmVlYmE0ZmVkY2I4ZjljNjI4YzU0NWRmIiwidGFnIjoiIn0%3D
.mub.me/	1970-01-21 10:09:31	Name: _ga Value: GA1.1.154214655.1730011773
.mub.me/	1970-01-21 09:55:07	Name: __gads Value: ID=f0b395265267bb16:T=1730011773:RT=1730011773:S=ALNI_Ma2qZi55jCWsMjjSQgiyj1ukvCLJw
.mub.me/	1970-01-21 09:55:07	Name: __gpi Value: UID=00000f390400ea64:T=1730011773:RT=1730011773:S=ALNI_MY-pNyvKvzxP_J7NZM5zIzVjMShEQ
.mub.me/	1970-01-21 04:52:43	Name: __eoi Value: ID=f21d2051f9f9aded:T=1730011773:RT=1730011773:S=AA-AfjZUU8Vs2IVPxlZ30odCPFVi
.doubleclick.net/	1970-01-21 10:09:31	Name: IDE Value: AHWqTUkaQXUM1k74slfVFWGwNPFERsmVO0EZq7v66z-aQkF7-Do11bYfoZGIE0BIrXg
.mub.me/	1970-01-21 10:09:31	Name: _ga_C4VHRTDQR4 Value: GS1.1.1730011773.1.0.1730011774.59.0.0
.adsrvr.org/	1970-01-21 09:19:07	Name: TDID Value: efded528-6196-4a0e-9aa6-d5822bc615f4
.ctnsnet.com/	1970-01-21 09:19:07	Name: cid_7a448a88396448cf925c3cb1cd02a28a Value: 1
.ctnsnet.com/	1970-01-21 09:19:07	Name: gid_CAESELzCtRmDE29vp7BUOS2KXIE Value: 1
.adform.net/	1970-01-21 01:18:10	Name: C Value: 1
.adsrvr.org/	1970-01-21 09:19:07	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIwNuvz7GXuz0QBRgFIAEoAjILCKLB0_vHl7s9EAU4AQ..
.adform.net/	1970-01-21 01:59:55	Name: uid Value: 8882328347080222764
beacon.lynx.cognitivlabs.com/	1970-01-21 09:19:07	Name: UID Value: b9c1e312-9fa1-4bdb-a73d-0f3d3277e9a5
beacon.lynx.cognitivlabs.com/	1970-01-21 09:19:07	Name: ss Value: vc1GWHbAE%2F6IVm%2F4vFucoTz57Tw6oZzDoqv18U%2B6%2B%2FqKV69bHaMPzXjQwkqVSbkUnv7PFV90gzKindfNWzmnFw%3D%3D
.inmobi.com/	1970-01-21 02:43:07	Name: idsp_c Value: a5b17afc-1e77-4d15-a9a0-a7fff7871aa2
.simpli.fi/	1970-01-21 09:20:34	Name: suid Value: 72994A6BA6534A03BF7F63045F2BCE38
.contextweb.com/	1970-01-21 09:11:55	Name: V Value: Q6mgGghIEvYu
.contextweb.com/	1970-01-21 09:11:55	Name: VP Value: part_Q6mgGghIEvYu
.contextweb.com/	1970-01-21 09:19:07	Name: pb_rtb_ev Value: 3-1ufd\|7Bj.0.CAESEMDuO7UwH2qV2LQuthtFeTQ
.contextweb.com/	1970-01-21 09:19:07	Name: pb_rtb_ev_part Value: 3-1ufd\|7Bj.0.CAESEMDuO7UwH2qV2LQuthtFeTQ
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 5507f4f7cf82715e
.zemanta.com/	1970-01-21 09:19:07	Name: zuid Value: GxGsD3QQzC7J96ksHE5j
.teads.tv/	1970-01-21 09:17:41	Name: tt_viewer Value: 8a127160-8805-43dc-90c8-dcc990316464
.admaster.cc/	1970-01-21 09:19:07	Name: __mguid_ Value: 9e90f00b60c4cd312e2jm000m2r8ccwe
.mfadsrvr.com/	1970-01-21 09:19:07	Name: tuuid Value: dcf33439-5495-4b4c-9d86-38a29abf9aac
.mfadsrvr.com/	1970-01-21 09:19:07	Name: c Value: 1730011775
.mfadsrvr.com/	1970-01-21 09:19:07	Name: tuuid_lu Value: 1730011775
.dotomi.com/	1970-01-21 00:33:31	Name: DotomiTest Value: 252a2debfcf214b5
.adx.opera.com/	1970-01-21 09:19:07	Name: UID Value: OPU3f332edc8899453687e6370e7a1a74c6
.mfadsrvr.com/	1970-01-21 09:19:07	Name: ssh Value: !google=1730011775
.creativecdn.com/	1970-01-21 09:19:07	Name: ts Value: 1730011775
.creativecdn.com/	1970-01-21 09:19:07	Name: g Value: DOFYf3XHwjk4TMVn5G0a_1730011775217
.mub.me/	1970-01-21 09:19:07	Name: FCNEC Value: %5B%5B%22AKsRol_2fyKKnGT-Fzfi3lPRmsqKrZ7wai6fzKGDVPx5noPQ3E2ZIUl_O0r1t4R1Y-W-5SxmQyXTEPlou11BgUTlV5zpJxd3QbxDhRGtkcxJY7w3UqhsScY1fXZEwuv4Qg2HHbt0QpEd3UHmj5WX-Yj6nVA8YfvmuA%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mub.me
pagead2.googlesyndication.com
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.google.ca
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
2606:4700:3032::ac43:802c
2606:4700::6810:4f49
2607:f8b0:4004:c07::61
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c1f::71
2607:f8b0:400d:c00::9c
2607:f8b0:400d:c01::71
2607:f8b0:400d:c01::9d
2607:f8b0:400d:c03::5f
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c09::84
2607:f8b0:400d:c0b::9b
2607:f8b0:400d:c0c::5e
2607:f8b0:400d:c0d::9c
2607:f8b0:400d:c1d::69
204b3748e8e1de00e5c3261c11e4cb22b6990b5bbcaf40e520fd103cdb6a4402
2085c6f7575e4d3ad73a5041212d120b0f8550f439744da02d64d8c77cf41252
20bbfd7605aec88324cadbefddb25063faadab866d71df9ec9e491261eae605c
25ddd38090949542d96065d7671d0f4e92ef8f065ea395c2dbdef533770ae0f9
2c5a4d65bdad10b6194662ff908b27d179a158aa6760079652771db519329204
36b27423345e2ce4d08e90c1f05c82935c69b6da1e1a8f711364f0ca17f645a2
47bb6e9f4c73d85eeafd0d65f3b2c1dd35d2c1fd5503ff26faea594924885430
717e3da2d782fa07dc96a891025de4a7d3f2caa1ff490937aa24e335c69ba1d2
739435046eda17230db88dd6419b48977f47fab128c6596948a9cb67e667235f
828975d22b3e8af285d3885248884273e11c09d6406874ed4793164eef285f9c
88d347e06ff2ffe8991e6d81d2de76702a6fdd3be880adb7339082283a65c12e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e21d4cb7b09881e723109a3442105dd616ab86f63d66f43a55143b61634ce3b
8fa3d92c2bbe23366cdf81964eb52cd8497a95dac318a3f1fc67194d04da3776
90e64ae2cba827754b47610e491759a9edab5475cfe0d86cfc8f2eafb4f8860f
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
a1cd2d855de937b4df2e37503cb50e9d278e7844de4193f7bee2d5ec03ec43f2
a46fbf7533b43cf3ce144b266233ca4cc914d84228a87f483689b2398dc8b5d6
a4731b2e9bc04dfdc428c6569836cc1216a8b61e67463243c3100041feef9c84
a91819cc6f4e560cd014d6078458f22b3042053e4c365cb05a36adc624703a3f
b16cdbe7c07e446bd07dd84df2f8eb7e94ff625fc726ac773f85328ea23baa56
b6a97c54b6de39c75cbaab48be0bc0f3777bea8ca945be7df72f46cd8e58cbcf
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0b56726d52a7029010c5f03bcb7bf501a5aa2be3dd645ad0edc24f27bf2df66
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5096408dcc850b6a432f6e2ce3d5906edb1957e11584e7a0fb3fc35676b0979
c5cb99f3b169d1f002385397ffcce4720439d2abd56fcb206b617b183af5c420
c74dbee3f35926d53ea3be39014be8219d412fbc0642bce70ff4953241e847ef
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fcca537bf8bc67ac1e899a59c5049abe6d8d771a9b1ee2a9e60b90d927caab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f363a663cf20b701914cfda6c7c1d1346907187bbd472090e6195a9170756187
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

mub.me Open in urlscan Pro 2606:4700:3032::ac43:802c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

100 %IPv6

10 Domains

15 Subdomains

16 IPs

1 Countries

765 kBTransfer

2477 kBSize

35 Cookies

2 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mub.me Open in urlscan Pro
2606:4700:3032::ac43:802c Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

100 %
IPv6

10
Domains

15
Subdomains

16
IPs

1
Countries

765 kB
Transfer

2477 kB
Size

35
Cookies

60 HTTP transactions
0 data transactions