URL: https://vulcanvalues.com/
Submission Tags: phishingrod
Submission: On September 24 via api from DE — Scanned from CA

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 38 HTTP transactions. The main IP is 2606:4700:10::6816:46c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is vulcanvalues.com.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time vulcanvalues.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 714
www.google.com — Cisco Umbrella Rank: 3
77 KB
7 vulcanvalues.com
vulcanvalues.com
16 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
227 KB
3 rbxcdn.com
tr.rbxcdn.com — Cisco Umbrella Rank: 10469
684 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
2 gstatic.com
fonts.gstatic.com
36 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 685
7 KB
1 4gamers.be
images.4gamers.be
66 KB
38 11
Domain Requested by
11 fundingchoicesmessages.google.com vulcanvalues.com
7 vulcanvalues.com vulcanvalues.com
static.cloudflareinsights.com
4 pagead2.googlesyndication.com vulcanvalues.com
pagead2.googlesyndication.com
3 tr.rbxcdn.com vulcanvalues.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com vulcanvalues.com
1 fonts.googleapis.com vulcanvalues.com
1 static.cloudflareinsights.com vulcanvalues.com
1 images.4gamers.be vulcanvalues.com
38 13

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
vulcanvalues.com
WE1
2024-09-23 -
2024-12-22
3 months crt.sh
*.rbxcdn.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-07-30
a year crt.sh
images.4gamers.be
Amazon RSA 2048 M02
2023-12-24 -
2025-01-21
a year crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 5 frames:

Primary Page: https://vulcanvalues.com/
Frame ID: 25DDE8242E8CCA9E96C9460CCBC48061
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240919/r20110914/zrt_lookup_fy2021.html
Frame ID: A8B1BA93DD8948C3D60767C9A6B32F62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-7519872376946974&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727169348&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fvulcanvalues.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727169348406&bpp=5&bdt=1230&idt=532&shv=r20240919&mjsv=m202409180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7884223659370&frm=20&pv=2&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95331687%2C95331832%2C95341936%2C95342766%2C31087282%2C95335249%2C95339678&oid=2&pvsid=3910193864349146&tmod=1560651003&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=555
Frame ID: AB7D97EEE2A9151B1B155E688FAF9392
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86C4FA65EBC8AFA93B0B1651C9D0BDA9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDFB6C03A6EAA4B37ACA5D379A285B0A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Vulcan | Main Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

38
Requests

97 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

14
IPs

1
Countries

1220 kB
Transfer

2082 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vulcanvalues.com/
30 KB
4 KB
Document
General
Full URL
https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
57628a62bd68fbcf1a83bf3a597c924591d8fffab81ba39a0273a943807c305c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c81ac01ad17ac24-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 09:15:47 GMT
server
cloudflare
x-powered-by
Express
style.css
vulcanvalues.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://vulcanvalues.com/style.css
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4c577027141f492fbe05ad4a4b42418e17e43bbe93ecae38ed8dbfe0f22d622f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

server
cloudflare
cache-control
public, max-age=7200
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"11c2-18f6c284218"
cf-ray
8c81ac03fe2fac24-YYZ
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
text/css; charset=UTF-8
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sun, 12 May 2024 09:35:28 GMT
icon.webp
vulcanvalues.com/
6 KB
6 KB
Image
General
Full URL
https://vulcanvalues.com/icon.webp
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c5e6c8ec05062c3c4606aeda0c01eac64f4539d3f1a814e5cb61b6012bd05421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

server
cloudflare
cache-control
public, max-age=7200
cf-cache-status
REVALIDATED
etag
W/"1880-18eadf98a72"
cf-ray
8c81ac03fe31ac24-YYZ
accept-ranges
bytes
content-length
6272
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/webp
x-powered-by
Express
vary
Accept-Encoding
last-modified
Fri, 05 Apr 2024 11:16:36 GMT
Png
tr.rbxcdn.com/0ec932dfa7a48e4b98508b15411372d4/768/432/Image/
566 KB
567 KB
Image
General
Full URL
https://tr.rbxcdn.com/0ec932dfa7a48e4b98508b15411372d4/768/432/Image/Png
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a68 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
02967e0f00576888cdf641807ea652ae7498720a7510b64cf04791c7813f58ae
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

x-roblox-edge
ord2
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
access-control-allow-methods
GET
expires
Wed, 24 Sep 2025 09:15:47 GMT
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/Png
roblox-machine-id
74abce860745
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=3600
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control
max-age=31536000
x-roblox-region
us-central
akamai-request-bc
[a=23.57.70.104,b=1893329138,c=g,n=US_NJ_SECAUCUS,o=20940]
access-control-allow-origin
*
content-length
579918
server
Kestrel
Jpeg
tr.rbxcdn.com/129e0b19cdbdb4d400581f81d7aa2c98/500/280/Image/
42 KB
42 KB
Image
General
Full URL
https://tr.rbxcdn.com/129e0b19cdbdb4d400581f81d7aa2c98/500/280/Image/Jpeg
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a68 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
62dcc040d9c46b8e76c855d0e2031d8124baefae9afb65abaa3bcc408c895fc9
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

x-roblox-edge
iad4
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
access-control-allow-methods
GET
expires
Wed, 24 Sep 2025 09:15:47 GMT
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/Jpeg
roblox-machine-id
6eed49b96703
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=3600
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control
max-age=31536000
x-roblox-region
us-central
akamai-request-bc
[a=23.57.70.104,b=1893329139,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_PISCATAWAY,o=20940]
access-control-allow-origin
*
content-length
42497
server
Kestrel
Webp
tr.rbxcdn.com/af8187431074d8377a331fca46ec890f/768/432/Image/
74 KB
74 KB
Image
General
Full URL
https://tr.rbxcdn.com/af8187431074d8377a331fca46ec890f/768/432/Image/Webp
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a68 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
d494aa0a0423090bf74fa99f07199b3447f9b562af2a142dee7cf1f7637aea0c
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

x-roblox-edge
iad4
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
access-control-allow-methods
GET
expires
Wed, 24 Sep 2025 09:15:47 GMT
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/Webp
roblox-machine-id
6bdf8c7d-a1fc-a50f-8208-b3e3970b0a14
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=3600
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control
max-age=31536000
x-roblox-region
us-central
akamai-request-bc
[a=23.57.70.104,b=1893329137,c=g,n=US_NJ_SECAUCUS,o=20940],[c=c,n=US_NJ_EDISON,o=20940]
access-control-allow-origin
*
content-length
75666
server
Kestrel
-PC-633b.jpg
images.4gamers.be/game-primary/2023/09/11/large/
65 KB
66 KB
Image
General
Full URL
https://images.4gamers.be/game-primary/2023/09/11/large/-PC-633b.jpg
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-94.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0a3f79d588e6cae1448b9ed991625c9574a3fdf622f0fc39ac7a9d4049992e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

etag
"786732a2d7cb3f214af2d0310768e2c1"
age
55443
via
1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
66794
x-amz-cf-id
lgflg3aosl-tHJ-a_MBJXrw18Kf-X64SJ0ZCw9Kr8UEGiIKPC5gpaQ==
date
Mon, 23 Sep 2024 17:51:45 GMT
content-type
image/jpeg
last-modified
Mon, 11 Sep 2023 09:56:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
rocket-loader.min.js
vulcanvalues.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://vulcanvalues.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66e7fb1c-302c"
x-content-type-options
nosniff
cf-ray
8c81ac043e47ac24-YYZ
expires
Thu, 26 Sep 2024 09:15:47 GMT
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 09:32:12 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://vulcanvalues.com
Referer
https://vulcanvalues.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8c81ac05a868ab5a-YYZ
access-control-allow-origin
*
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 09:15:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 08:53:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/
316 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GW189JLGRF
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab4e37db6584d4702ee7605ad5d42ef73c9210047ff458b56ebd0ceb5aeb7f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Tue, 24 Sep 2024 09:15:48 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107310
date
Tue, 24 Sep 2024 09:15:48 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7519872376946974
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5163e589eb45233b00cf99a65af79b3c51e8285b3ed837de08a8a6242f098e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://vulcanvalues.com
Referer
https://vulcanvalues.com/

Response headers

content-encoding
br
etag
4213407411138401138
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 09:15:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 24 Sep 2024 09:15:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52637
x-xss-protection
0
server
cafe
pub-7519872376946974
fundingchoicesmessages.google.com/i/
200 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/pub-7519872376946974?ers=1
Requested by
Host: vulcanvalues.com
URL: https://vulcanvalues.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1affad6937f2bddb998393ec8eaae90307bad3ccdc2525eb086ebe92559708c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yvn-eC-u0EIufLeGjSeaqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:48 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNCQYjhx6zbTBSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUH4iURF1mPJF5kNVS4xOoMxI5Fl1g9gfj-ukusz4F478dLrEeBeNn9y6zrgLhI4gprCxD7eF1hDQFiIW6OI22ntrMJ7Fi9JFhJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDSyEjPwDi-wAAAPflNzg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yvn-eC-u0EIufLeGjSeaqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://vulcanvalues.com
Referer
https://fonts.googleapis.com/

Response headers

age
493647
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:08:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:08:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://vulcanvalues.com
Referer
https://fonts.googleapis.com/

Response headers

age
494139
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:00:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:00:09 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
rum
vulcanvalues.com/cdn-cgi/
0
166 B
XHR
General
Full URL
https://vulcanvalues.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8c81ac0ab879ac24-YYZ
access-control-allow-origin
https://vulcanvalues.com
date
Tue, 24 Sep 2024 09:15:48 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
icon.webp
vulcanvalues.com/
6 KB
0
Other
General
Full URL
https://vulcanvalues.com/icon.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c5e6c8ec05062c3c4606aeda0c01eac64f4539d3f1a814e5cb61b6012bd05421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

server
cloudflare
cache-control
public, max-age=7200
cf-cache-status
REVALIDATED
etag
W/"1880-18eadf98a72"
cf-ray
8c81ac03fe31ac24-YYZ
accept-ranges
bytes
content-length
6272
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/webp
x-powered-by
Express
vary
Accept-Encoding
last-modified
Fri, 05 Apr 2024 11:16:36 GMT
icon.webp
vulcanvalues.com/
6 KB
0
Other
General
Full URL
https://vulcanvalues.com/icon.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c5e6c8ec05062c3c4606aeda0c01eac64f4539d3f1a814e5cb61b6012bd05421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

server
cloudflare
cache-control
public, max-age=7200
cf-cache-status
REVALIDATED
etag
W/"1880-18eadf98a72"
cf-ray
8c81ac03fe31ac24-YYZ
accept-ranges
bytes
content-length
6272
date
Tue, 24 Sep 2024 09:15:47 GMT
content-type
image/webp
x-powered-by
Express
vary
Accept-Encoding
last-modified
Fri, 05 Apr 2024 11:16:36 GMT
AGSKWxUnz0oxsQXHpo6wkvGnsiGOi37c88eFUZASrKF5fR5nb_m2K4AH2fl1VgGDmMa7BQ04kQRh4-hBgGrRjMpyS-DY_trHDj5dwJGS6xUyVHewrAJM_ji4YnxoTvqniVZudBaQQ5vG1A==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUnz0oxsQXHpo6wkvGnsiGOi37c88eFUZASrKF5fR5nb_m2K4AH2fl1VgGDmMa7BQ04kQRh4-hBgGrRjMpyS-DY_trHDj5dwJGS6xUyVHewrAJM_ji4YnxoTvqniVZudBaQQ5vG1A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MTY5MzQ4LDM2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly92dWxjYW52YWx1ZXMuY29tLyIsbnVsbCxbWzgsIkhkMXJhU3ZhbzZjIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7422d28a2b2fec8aed32ba84fb57a35e433efd3df23f5a29b505a559bfb44f42
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SiSRBLG5LvjKCbQcEJrwQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:48 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgbhI4gprCxD7eF1hDQFiIR6OI22ntrMJXHh74TijkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBpZGRnoFxfIEBAHCSRPk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SiSRBLG5LvjKCbQcEJrwQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/
410 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/show_ads_impl_fy2021.js?bust=31087282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7519872376946974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34d321ecb51f9320ebb897a71b0d018aa208ac480bd00f381a62bc35c5980db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
br
etag
16951927950525228263
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 09:15:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 24 Sep 2024 09:15:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
140662
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GW189JLGRF&gtm=45je49j0v9181510785za200&_p=1727169348216&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=244675577.1727169348&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727169348&sct=1&seg=0&dl=https%3A%2F%2Fvulcanvalues.com%2F&dt=Vulcan%20%7C%20Main%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1841
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GW189JLGRF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://vulcanvalues.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 09:15:48 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240919/r20110914/ Frame A8B1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240919/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/show_ads_impl_fy2021.js?bust=31087282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vulcanvalues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3355
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 08:19:54 GMT
etag
14908419571193397619
expires
Tue, 08 Oct 2024 08:19:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB7D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-7519872376946974&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727169348&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fvulcanvalues.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiepr=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727169348406&bpp=5&bdt=1230&idt=532&shv=r20240919&mjsv=m202409180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7884223659370&frm=20&pv=2&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95331687%2C95331832%2C95341936%2C95342766%2C31087282%2C95335249%2C95339678&oid=2&pvsid=3910193864349146&tmod=1560651003&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=555
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/show_ads_impl_fy2021.js?bust=31087282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vulcanvalues.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 09:15:49 GMT
expires
Tue, 24 Sep 2024 09:15:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240919&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/show_ads_impl_fy2021.js?bust=31087282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a62c904be38a62a416f5e7216622b0a754fa18754a95e06182d1b9dadd6713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12726
date
Tue, 24 Sep 2024 09:15:49 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409180101/show_ads_impl_fy2021.js?bust=31087282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
etag
"1637097310169751"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 09:15:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6386
x-xss-protection
0
server
sffe
_.js
fundingchoicesmessages.google.com/f/AGSKWxWoL_mH3MfunEgJADu_yvDOGIwI-XaUfXH9bxwLSP64OOqO5ysGXGN8WIc8SoocgrfWIkiHYgSVgZ1dk_rGOKKHiDecm8cVYWWUXx82WBjM91To4OxPhZVNC1uY551LjqZ49t-piHd7DkNqUCTxSodvkd1WF...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWoL_mH3MfunEgJADu_yvDOGIwI-XaUfXH9bxwLSP64OOqO5ysGXGN8WIc8SoocgrfWIkiHYgSVgZ1dk_rGOKKHiDecm8cVYWWUXx82WBjM91To4OxPhZVNC1uY551LjqZ49t-piHd7DkNqUCTxSodvkd1WFusiA6qBS996EYZZj1gBm3zOIROS0Jg3/_.js?dfp=&adflag=/banner-ad./adtabs._adbanner_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyoYz3iu72FOL3WIuq2OG7E3XM_eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9f5d74a7d0c012451eb4a4daddea94ebab21e7772afbaca3ca7864736a8815d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JL-oNyJmkESdEoRqHI8yVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgbhI4gprCxD7eF1hDQFiIW6Oo22ntrMJHGiY5qqkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBpZKRnYBxfYAAAA-tDvw"
content-security-policy
script-src 'report-sample' 'nonce-JL-oNyJmkESdEoRqHI8yVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
50 KB
18 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyoYz3iu72FOL3WIuq2OG7E3XM_eQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3ac39dc74469570ab947df9005c8588168bf94d24081d8173a8cf4a20fb81b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
br
etag
16501442136747816086
age
3514
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 09:17:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 24 Sep 2024 08:17:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
18801
x-xss-protection
0
server
cafe
AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5RzD8RdNB0eTIdq3A8ouAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOtp3aziYw48jTQ4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0shIz8A8vsAAAGYsLkk"
content-security-policy
script-src 'report-sample' 'nonce-5RzD8RdNB0eTIdq3A8ouAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vulcanvalues.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xLIePWTLwImqvMyEuTC_8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsIUDsrnWR1R-Il0RcZD2SeJF178dLrEeBWIiH42jbqe1sAg0TzxxmVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBpZGRnoG5vEFBgBIJS3j"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xLIePWTLwImqvMyEuTC_8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vulcanvalues.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Gx3oS6sNu7WL5Rctai9Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOtp3azibw4PmPw4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0shIz8A8vsAAAI3lLs4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Gx3oS6sNu7WL5Rctai9Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vulcanvalues.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWKzMlLg9j5Uyg0KlDVKCEjQ-WSn4XtB6AlHl76JeUlbHOu77ccS9rZdHZyBlE8QQdufeCkEt5g3sZfPffxxcN9FQZw59r4MACTt5oTr5glNMyIiOs4QQibfeOkYu2p5oggSXzXQw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-suqH8hbl1WT4tI3qUi03Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOtp3azibw4eOLQ4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0shIz8A8vsAAAI5JLtI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-suqH8hbl1WT4tI3qUi03Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vulcanvalues.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWsNq_Bb-G1PMWTUB5pmlsOPjovktPavaMAfkDzdaLXF5Dd4l8D5pCphYZeXtoQE04ra2R643N5F1VHIr7fxEY8yEOgjU3vCYxWTLkSSeiODD2S96aXzarxXUWdMQWPytIgoq-0ag==
fundingchoicesmessages.google.com/f/
8 KB
3 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWsNq_Bb-G1PMWTUB5pmlsOPjovktPavaMAfkDzdaLXF5Dd4l8D5pCphYZeXtoQE04ra2R643N5F1VHIr7fxEY8yEOgjU3vCYxWTLkSSeiODD2S96aXzarxXUWdMQWPytIgoq-0ag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MTY5MzQ5LDIwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdnVsY2FudmFsdWVzLmNvbS8iLG51bGwsW1s4LCJIZDFyYVN2YW82YyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50ea53b0d74702da772b0912d794b4e8d432b20febd2ed68be88d2186223b269
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2koga39w_kPrUcNW-fMX6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgbhI4gprCxD7eF1hDQFiIR6Oo22ntrMJLDj0sZtRSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA0shIz8A4vsAAAF5KRIg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2koga39w_kPrUcNW-fMX6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWxiCwYQ_TxvViXOXLyIMCibNUwUIcvsdTzUirdocLWJn44cuVjMz9ZpJhWfmrAB1jBpRxYr1XXWQ-WqBRMH8tqvQYLM0JSJVOXBlujtF60veUgcRgdeo5QYoHVJ17WWN50NmnUoA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWxiCwYQ_TxvViXOXLyIMCibNUwUIcvsdTzUirdocLWJn44cuVjMz9ZpJhWfmrAB1jBpRxYr1XXWQ-WqBRMH8tqvQYLM0JSJVOXBlujtF60veUgcRgdeo5QYoHVJ17WWN50NmnUoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MTY5MzQ5LDM2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdnVsY2FudmFsdWVzLmNvbS8iLG51bGwsW1s4LCJIZDFyYVN2YW82YyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
326e5db8135e37503ac3a1138abf8e1acb26d7ed93314b5bac150128423240e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jLclS-a1H2ccZryPdAZEpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgbhI4gprCxD7eF1hDQFiIR6Oo22ntrMJXLjScYxRSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA0shIz8A4vsAAAF91RJg"
content-security-policy
script-src 'report-sample' 'nonce-jLclS-a1H2ccZryPdAZEpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86C4
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vulcanvalues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 08:19:56 GMT
expires
Wed, 24 Sep 2025 08:19:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDFB
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kan-CLXB3wBXNLDwlWMwJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vulcanvalues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kan-CLXB3wBXNLDwlWMwJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 09:15:49 GMT
expires
Tue, 24 Sep 2024 09:15:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVekWSTHF8vNHWL38MxS3YlpjrIzG4dT11qhoTFQnfp01Yx0ySzz1IxGbjVKEeYD5_t1WCEhxo8tXaGiXMYhKrmDzVYm3N2ak8WDXt9tQlgjR_XzNGIman3b0AkzA_f44H-y11EbA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVekWSTHF8vNHWL38MxS3YlpjrIzG4dT11qhoTFQnfp01Yx0ySzz1IxGbjVKEeYD5_t1WCEhxo8tXaGiXMYhKrmDzVYm3N2ak8WDXt9tQlgjR_XzNGIman3b0AkzA_f44H-y11EbA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3MTY5MzQ5LDQ3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly92dWxjYW52YWx1ZXMuY29tLyIsbnVsbCxbWzgsIkhkMXJhU3ZhbzZjIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
902dd87328d515509ee641a47aaf816aa2e320e3e7fecd4c3f7764b845c15b4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EJrgtZWb7rUKU5LYPyKaUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://vulcanvalues.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgbhI4gprCxD7eF1hDQFiIR6Oo22ntrMJHLjQ_J1RSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA0shIz8A4vsAAAGFsRK0"
content-security-policy
script-src 'report-sample' 'nonce-EJrgtZWb7rUKU5LYPyKaUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVh3yuyk2-U9kDdl6hCl6ejdG_7kysTCsObbUYWuVCzSF7dHL7gGyN0QwPsX6_ujFlCoBQ5LEP2-NPWgDBYwt9oZsT5RBixKLOR5W9kFMQ8p-7rXhL8iPvCpHgCQnkxv7Of74eWMQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVh3yuyk2-U9kDdl6hCl6ejdG_7kysTCsObbUYWuVCzSF7dHL7gGyN0QwPsX6_ujFlCoBQ5LEP2-NPWgDBYwt9oZsT5RBixKLOR5W9kFMQ8p-7rXhL8iPvCpHgCQnkxv7Of74eWMQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Hd1raSvao6c.es5.O/am=QDA/d=1/rs=AJlcJMwi0sEDgzMs6k5Owc3QcA8aGR7vig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rXqRpUrlwzwtUfMMmT771w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vulcanvalues.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 09:15:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOtp3aziZw4OGyhUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0shIz8A8vsAAAGGmLjQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rXqRpUrlwzwtUfMMmT771w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vulcanvalues.com
content-length
0
x-xss-protection
0
server
ESF
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240919&jk=3910193864349146&bg=!YGOlYyzNAAbWYrMm9mI7ADQBe5WfOMm7JcjOhnayjbMR3PPJiooOaQJc-KXbEv12Hip_QCCY-_yAQDiBmaJfaHn0hdj6AgAAAE5SAAAAA2gBB34ANoha21YMlPojugtcNGcRSwXssgGt85Ol8JX2n3SlnbPKcXtfqiwZPXPdXHU5xDw8Qh3NrsfjOgoAejNLYdd3XJ4crLOQhPK05ECKWadYltifak_JoT2ou3IBqBvZ9_Ub0a3YIrACU_wx2Afj8znCiFUl2AZfqJMS7vtxpj_CJph33zEEM6y2m1xx5_I0aeuPUSS8Hjr5RYgKfnRqlCXEhyV2VMbdtezW6bm9w3TWpS0iOvfmmQKcyrxOPkrxpA1t_c1GLD4e5I81y3-XI8hJhhxVXjk_t7Sfg3PZ-7jY1s0faLkW1-pF-v3NWGgszAy6gkF3p7HLqZcQVFR4OFs5QcKdU9XEges-5FUSie32KiI9uULiZYl0iCLS_w0IBs3Iheb4WHnKOHuno7AKDPoCa0M9I6rhmIqPVzjMUXMGfJSJXSAztTxzeG9YVxxWQXhhnBpyvtdW-oGMnPuTPkeqij1GUlUdBgFjlVcJyM4HRiJAT5dWnbBBHzRvlqXerJTspWJRXdmOoQm4EKOq2BZDTF46D5LuqZZyckQkplCy8wTtyXBHSUwrQhdRNEvEnT1KgES1hScQpK2lkitlVd6WdQzNTZDSXLFzPPrQX9T4x_6itIdAc6k3GhLb-eoooKs7AsrTDDf7LfTA98kMpAsC1iR6LFN1JuUOd0oFkDEdjH6qrw8oZo3uh1pPoj2U7x3aoJI9jDDTjhBEI_U9qbI8gBou5djkAns8EhxfoONU4lfbd6YouIEf90nSjz2wf8QQ5wmXFBKYxe0-kWLh3YWHG2JbbtmDjJQmev7tAGAp8A3rcoSp_dFkkISxXeYKE-3nW1Vudhh4-MWG63hNuf_l3kvkiC7xvOKdq-7H6DiD8nhJ_iGIWo-HnM0Xx8Wy6GvEZuKSvgdcM8pYqGzBKJjY0yZ-KCvMe4YUZsGizpYqw91J2Vl2sr-YqhOZ1gD46FNw0ZtOKvLa1gYHmf-PpeGiqRRQupZmFGkL5Sw9QWbsvUvl_pQDm_3HRrbNyqgSwsQasLZC-Hdfvte4p7W4Z3jaweZP-efYRZCkSrGF3KkMEp_jpsMw1hWXSL4In8QC8W5oTFjLq-HlIyvAGbTZiiTZtIWC1uNmm8f0QNNJ99eauAmlItk

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| __cfQR object| __cfBeacon function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ggeac string| YjUyZTNmZjI5NDk3ZDllNWxvYWRlcl9qcw== string| YjUyZTNmZjI5NDk3ZDllNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| bcbfb34a-152b-4182-8209-4f4c2f012d1f object| google_image_requests

4 Cookies

Domain/Path Name / Value
.vulcanvalues.com/ Name: _ga_GW189JLGRF
Value: GS1.1.1727169348.1.0.1727169348.0.0.0
.vulcanvalues.com/ Name: _ga
Value: GA1.1.244675577.1727169348
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.vulcanvalues.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8DnNTu7tQ723bXqhUHVqiZrKFLp5Gh4jGmI3mt1zIFo80DISbU6Lurj8wPREnk5Za_GlhzVFuqvyAuTmVJzEUd_mEuq4bb92Zc-_LzPrpdcgiX2t93Scq0BWF9mDEPzIfeKioiey7IYyMedg9haw-T9Ggg3g%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.4gamers.be
pagead2.googlesyndication.com
static.cloudflareinsights.com
tpc.googlesyndication.com
tr.rbxcdn.com
vulcanvalues.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
108.139.47.94
2600:141b:1c00:30::1739:5a68
2606:4700:10::6816:46c6
2606:4700::6810:5049
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2004
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::200a
02967e0f00576888cdf641807ea652ae7498720a7510b64cf04791c7813f58ae
1affad6937f2bddb998393ec8eaae90307bad3ccdc2525eb086ebe92559708c1
326e5db8135e37503ac3a1138abf8e1acb26d7ed93314b5bac150128423240e0
34d321ecb51f9320ebb897a71b0d018aa208ac480bd00f381a62bc35c5980db4
4c577027141f492fbe05ad4a4b42418e17e43bbe93ecae38ed8dbfe0f22d622f
50ea53b0d74702da772b0912d794b4e8d432b20febd2ed68be88d2186223b269
57628a62bd68fbcf1a83bf3a597c924591d8fffab81ba39a0273a943807c305c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dcc040d9c46b8e76c855d0e2031d8124baefae9afb65abaa3bcc408c895fc9
7422d28a2b2fec8aed32ba84fb57a35e433efd3df23f5a29b505a559bfb44f42
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
902dd87328d515509ee641a47aaf816aa2e320e3e7fecd4c3f7764b845c15b4a
a4a62c904be38a62a416f5e7216622b0a754fa18754a95e06182d1b9dadd6713
ab4e37db6584d4702ee7605ad5d42ef73c9210047ff458b56ebd0ceb5aeb7f9d
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
b9f5d74a7d0c012451eb4a4daddea94ebab21e7772afbaca3ca7864736a8815d
c5e6c8ec05062c3c4606aeda0c01eac64f4539d3f1a814e5cb61b6012bd05421
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d494aa0a0423090bf74fa99f07199b3447f9b562af2a142dee7cf1f7637aea0c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e0a3f79d588e6cae1448b9ed991625c9574a3fdf622f0fc39ac7a9d4049992e8
e3ac39dc74469570ab947df9005c8588168bf94d24081d8173a8cf4a20fb81b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5163e589eb45233b00cf99a65af79b3c51e8285b3ed837de08a8a6242f098e3