urlscan.io logo urlscan.io
SecurityTrails logo

xn--mgbaiqly6b2eg.xn--ngbc5azd Open in urlscan Pro Puny
اتخاذمشغل.شبكة IDN
2606:4700:3036::6815:4b37  Public Scan

Go To Rescan Add Verdict Report
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Submission: On January 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::6815:4b37, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--mgbaiqly6b2eg.xn--ngbc5azd.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.
This is the only time xn--mgbaiqly6b2eg.xn--ngbc5azd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:3036::6815:4b37 (United States)

ASN13335 (CLOUDFLARENET, US)
xn--mgbaiqly6b2eg.xn--ngbc5azd
1    2607:f8b0:4006:809::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2607:f8b0:4006:81d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:808::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com.eg
1    2607:f8b0:4006:821::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4006:816::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2607:f8b0:4006:81c::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:823::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:816::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4006:81d::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
226 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
11 KB
5
function sub() { [native code] }.
127 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
54 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
266 B
1 google.com.eg
www.google.com.eg — Cisco Umbrella Rank: 33378
227 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
81 KB
27 9
Domain Requested by
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com xn--mgbaiqly6b2eg.xn--ngbc5azd
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 xn--mgbaiqly6b2eg.xn--ngbc5azd xn--mgbaiqly6b2eg.xn--ngbc5azd
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com xn--mgbaiqly6b2eg.xn--ngbc5azd
tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xn--mgbaiqly6b2eg.xn--ngbc5azd
1 www.google-analytics.com www.googletagmanager.com
1 www.gstatic.com xn--mgbaiqly6b2eg.xn--ngbc5azd
1 www.google.com.eg 1 redirects
1 www.googletagmanager.com xn--mgbaiqly6b2eg.xn--ngbc5azd
27 11
Subject Issuer Validity Valid
xn--mgbaiqly6b2eg.xn--ngbc5azd
E1		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Frame ID: 2922DC93798DD579A62DB390F2132217
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 6BC0D5DC0E03F7591A13FDC073E81844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=280&slotname=8743501478&adk=4157401896&adf=1789983794&pi=t.ma~as.8743501478&w=970&fwrn=4&fwrnh=100&lmt=1706282780&rafmt=1&format=970x280&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779851&bpp=9&bdt=1052&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=6827679900377&frm=20&pv=2&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=592
Frame ID: 719E83906CF3D7CFAA3A1091984ADC28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=200&slotname=8746482852&adk=1936043957&adf=2568538834&pi=t.ma~as.8746482852&w=970&fwrn=4&lmt=1706282780&rafmt=11&format=970x200&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779860&bpp=2&bdt=1061&idt=607&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Frame ID: 17680131A58BCD4BF8C921BFB7D78803
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=280&slotname=3596784873&adk=1603345120&adf=2274467611&pi=t.ma~as.3596784873&w=970&fwrn=4&fwrnh=100&lmt=1706282780&rafmt=1&format=970x280&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779862&bpp=2&bdt=1063&idt=756&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=829
Frame ID: 858E2BC32849D39B7A3F074731A37AC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=200&slotname=8746482852&adk=1936043957&adf=1184107380&pi=t.ma~as.8746482852&w=970&fwrn=4&lmt=1706282780&rafmt=11&format=970x200&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779864&bpp=3&bdt=1065&idt=935&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200%2C970x280&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=948
Frame ID: 799F99C54F2A99831AC28784F3F8FCA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&adk=1812271804&adf=3025194257&lmt=1706282780&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779918&bpp=3&bdt=1119&idt=931&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200%2C970x280%2C970x200&nras=1&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=973
Frame ID: 923792A534A03D465CFCBE883E1507B5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73F8E4E41E663BE46AADF99992BF570A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D93A6D9D0DABAEB133863AE3BD4DECD5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

حمل و حدث تعريفات الويندوز، برامج التثبيت والبرمجيات للأجهزة الخاصة بك

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

96 %
HTTPS

100 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

504 kB
Transfer

1457 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.google.com.eg/coop/cse/brand?form=cse-search-box&lang=ar HTTP 301
  • https://www.gstatic.com/prose/brandjs.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--mgbaiqly6b2eg.xn--ngbc5azd/ 		45 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2fd33ebd90c90b9d5be6c87cea547764068db6c8d623a37f9df17d4ad5948b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
84b9c604598b4bbd-BUF
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 26 Jan 2024 15:26:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qad7hzYDV8%2F6ri2ueAe7TjtJsGKp56Ml2ZYl17EolcvAhPxrEhYuw1blZOAAAHJ7%2FVPvUS1yD%2BwWx%2F89S26n%2Beq2W%2F%2BUihKKWY2jW9lTHMeJDX4wGy5Oo04kQ%2BGz29RXYq1y9x5DEP2Vz9G8sIveQr1XOP%2BzqzC8CKxsYrY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main-rtl.css
xn--mgbaiqly6b2eg.xn--ngbc5azd/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/css/main-rtl.css
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ffbb1088be28db06e07d3b16a54f8b350a2aec65b7bdd808ca9aa05eda9c04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 26 Aug 2020 14:12:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f466dc3-66ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJn0RspF%2B%2B%2FROfZGTueVeA3M0vfR09bOOCILtt4%2FUE2d8dRcBcBg2zj4E0hSnCUHhXVI9qGVSIP1odSboQNnHlcKdGxr9IxNbGTv06Yz1DldXNII47brmkfVowBdK0U6gLJh2JNaULAqp4WzlfM7Jo4vI6tdQiLLM23ZSXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
84b9c607bb294bbd-BUF
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Feb 2024 15:26:19 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QEM8KFB7MQ
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff4e131d72119abb647c5e84e3877fd45a0025f5259194840ad4040158cc2fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 15:26:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15e4edd0f485b8df4081e2764debae75cb16628c7e53c9a55fa5b308ddcfe4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51415
x-xss-protection
0
server
cafe
etag
15682467793128932255
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 26 Jan 2024 15:26:19 GMT
email-decode.min.js
xn--mgbaiqly6b2eg.xn--ngbc5azd/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4b37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Jan 2024 10:32:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b38a27-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GQxkWZPpwlPakgqgLECspO4zHoxts6OSh%2BzqDaZCFJVALP%2BhAGxkr%2BXjWlddH2668IY2%2FvRFMNdyJCLLHoO9Ga47ikBAS90a1HL7vfjwMV7n0hGpNiBeIKKsqHH0xTIrg42%2FlOJBZICun6uKYT8MIXBDQ%2FDudACiiQfk6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84b9c607bb2a4bbd-BUF
expires
Sun, 28 Jan 2024 15:26:18 GMT
main.js
xn--mgbaiqly6b2eg.xn--ngbc5azd/js/ 		405 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/js/main.js
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4b37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e8f0ece7a03e5d491173cfdf9bdef83228745da022acb5293b51b425fdea1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 26 Jul 2016 14:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5797794c-654c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a03rPEz1DytP0PqZKL5firFMIxQCCn4NrHUBehqA%2BTFZ4pUHB6YSuLDYH6Ud1VnD1Csxp3cEp2VVs%2BoZxi%2BRB6lbH5ULe5FfZUIA3by0HaO99IYf0%2FduyDYkigeTLXzNkIovuCgUlK4Fzs7vhPEqj1neuipobntrj11ktZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
84b9c60989314bc9-BUF
alt-svc
h3=":443"; ma=86400
expires
Fri, 02 Feb 2024 15:26:19 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.eg/coop/cse/brand?form=cse-search-box&lang=ar
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Server
2607:f8b0:4006:821::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 01:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 27 Jan 2024 01:48:30 GMT

Redirect headers

date
Fri, 26 Jan 2024 15:26:19 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 26 Jan 2024 15:56:19 GMT
sprite.png
xn--mgbaiqly6b2eg.xn--ngbc5azd/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/img/sprite.png
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/css/main-rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:4b37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c48fdd3db137ec02c468211e91d3be3588ad439c45d271008803c56fc20cd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/css/main-rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:19 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2016 14:39:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57e53eb3-18b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqeCm9Miiw%2Bc%2FF%2B9TVSAxRRm8ah9%2B14SNXzmHy7B2JJf3d3SMSqxUtkOWnVlm%2Fx5xN1Pf93Z8F9wyGF%2BcLkdcAd6HZGgDtwDAjB%2BmzQlqabQXle8nA%2BIng9nkbyf7GWvSIZG4%2BbtYrsSoGap20kzfpcnHRW9ZYZeEW5Sf4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84b9c60a89a74bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
6324
expires
Fri, 02 Feb 2024 15:26:19 GMT
collect
www.google-analytics.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QEM8KFB7MQ&gtm=45je41o0v9113112311&_p=1706282779106&gcd=11l1l1l1l1&dma=0&cid=690479508.1706282780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706282779&sct=1&seg=0&dl=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&dt=%D8%AD%D9%85%D9%84%20%D9%88%20%D8%AD%D8%AF%D8%AB%20%D8%AA%D8%B9%D8%B1%D9%8A%D9%81%D8%A7%D8%AA%20%D8%A7%D9%84%D9%88%D9%8A%D9%86%D8%AF%D9%88%D8%B2%D8%8C%20%D8%A8%D8%B1%D8%A7%D9%85%D8%AC%20%D8%A7%D9%84%D8%AA%D8%AB%D8%A8%D9%8A%D8%AA%20%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D9%85%D8%AC%D9%8A%D8%A7%D8%AA%20%D9%84%D9%84%D8%A3%D8%AC%D9%87%D8%B2%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D8%A9%20%D8%A8%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1613
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QEM8KFB7MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 15:26:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--mgbaiqly6b2eg.xn--ngbc5azd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
557d8e9ad54bf0d8c82ffc8e31dae61a1b7b135a856cc38ebca1b71e22a9ae38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139759
x-xss-protection
0
server
cafe
etag
8800911679131387069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 15:26:19 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 6BC0 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
83472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 16:15:08 GMT
etag
3890843268177463596
expires
Thu, 08 Feb 2024 16:15:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,latin-ext
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
025e4fef485f9f3f860a6385a23a53042b933ba2a80c2c9c150344acb41674d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 15:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 15:26:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 15:26:20 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 719E 		756 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=280&slotname=8743501478&adk=4157401896&adf=1789983794&pi=t.ma~as.8743501478&w=970&fwrn=4&fwrnh=100&lmt=1706282780&rafmt=1&format=970x280&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779851&bpp=9&bdt=1052&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=6827679900377&frm=20&pv=2&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=592
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c00984bd9d1033719bd9c687687ed0000fb8c9d2cc1976896875c64298bf67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
372
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:21 GMT
expires
Fri, 26 Jan 2024 15:26:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1768 		756 B
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=200&slotname=8746482852&adk=1936043957&adf=2568538834&pi=t.ma~as.8746482852&w=970&fwrn=4&lmt=1706282780&rafmt=11&format=970x200&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779860&bpp=2&bdt=1061&idt=607&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e76f819244cb25d321d1255c14b807507e4d0746aaae1ce657c6529457a95572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:21 GMT
expires
Fri, 26 Jan 2024 15:26:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
branding.png
www.google.com/cse/static/images/1x/ar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/ar/branding.png
Requested by
Host: xn--mgbaiqly6b2eg.xn--ngbc5azd
URL: https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b51ac2ee9888e85defac0cb5f432d26e81bfaf4c0f502f7495add79faa11347a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:11:38 GMT
x-content-type-options
nosniff
age
33283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1817
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 25 Jan 2025 06:11:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 858E 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=280&slotname=3596784873&adk=1603345120&adf=2274467611&pi=t.ma~as.3596784873&w=970&fwrn=4&fwrnh=100&lmt=1706282780&rafmt=1&format=970x280&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779862&bpp=2&bdt=1063&idt=756&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=829
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5888df7d375c16eff66d124e803c287d7cddfdea35a5d3cdadf6cbf34f7a8911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:21 GMT
expires
Fri, 26 Jan 2024 15:26:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 799F 		756 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&h=200&slotname=8746482852&adk=1936043957&adf=1184107380&pi=t.ma~as.8746482852&w=970&fwrn=4&lmt=1706282780&rafmt=11&format=970x200&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779864&bpp=3&bdt=1065&idt=935&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200%2C970x280&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=948
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec6fe6cdcbe44ea8317c12230754a3f93c749981f8902e86985485096a4a0285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
374
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:21 GMT
expires
Fri, 26 Jan 2024 15:26:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9237 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1743013083811249&output=html&adk=1812271804&adf=3025194257&lmt=1706282780&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fxn--mgbaiqly6b2eg.xn--ngbc5azd%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706282779918&bpp=3&bdt=1119&idt=931&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x200%2C970x280%2C970x200&nras=1&correlator=6827679900377&frm=20&pv=1&ga_vid=690479508.1706282780&ga_sid=1706282780&ga_hid=1471277182&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080534%2C31080620%2C44785295%2C95322182%2C95320890%2C95321626%2C95322164&oid=2&pvsid=2918209716596478&tmod=373948702&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=973
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6c1c771202c8c4a27a00223057c2a17500a066c7056234947e2988c69dd1f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:21 GMT
expires
Fri, 26 Jan 2024 15:26:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--mgbaiqly6b2eg.xn--ngbc5azd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
age
33377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:10:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5a3cf0664233dd1e38bd366e5c345c7862f1a637847085c889cf60ba4838378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12410
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Jan 2024 15:26:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73F8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
11039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 12:22:23 GMT
expires
Sat, 25 Jan 2025 12:22:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D93A 		829 B
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4efa8fe08fb94090d3c71fd01806ff20011d9dcb4c1c765bdf0eea8c198c16ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MQ7hO_-vV2l0oItCYZx1Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MQ7hO_-vV2l0oItCYZx1Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 15:26:22 GMT
expires
Fri, 26 Jan 2024 15:26:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 73F8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
33347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:10:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D93A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2918209716596478&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 73F8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uxb-TQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:26:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2918209716596478&bg=!7e6l7qHNAAa8BdJLnAU7ADQBe5WfOM-eY1aCLULVQljBt54jDBoUDrYX7CXjLkq8rRozANf0-rABy9MxlxDRfFP82y4lAgAAAPxSAAAABGgBB5kC0-AgZ19Co4h2n5qh1CKzsuv8E2MJPetzXNown_j6JTvMYXIHc1EbkMVMYNBoAtR1HjZJDOGceTIqyX3BwZlYUp_z5LVrWvUCFVaPOLYGq3_5Q687145wfo3yU_EaPW48Bo8N0AJxgv7PCxywxMBuOe_0BcqaQUWJ-kCoyl0a1SmAX3msTXqso3bg_z3elXOuczdF_r-kAxevTbs5DFTgP0a_qMJ0ft5VbVlRvO5R3d82QzmgJ8LTvHjKC0kJTH9AcHJwbrpYwOV0-kFDt6bV_dsqZXng4KWutiXVG6NHYuFrGv8uFz1j1qN5u2Wt2NyygiVZg7r8hAJ_L0PID20EcO0zzdfvm6m7f8eu5w33UohDdjwNhZOX1MNVl2patkrVKBsjPVadDAiMlh9BZjxMzcVLDeOMVAemsl8-5hzAuc6P_Be8IkvYqCuElD4zXQ3vbirYIa7sybQwaMW_j7133NNAxFvHjxRSNRa4wOuNlA07BxL4BrBh4Kq-VirgSSaY07sdw9sydYHPTdLxxfgKHpjHPdJMk454iTBejCs56L04ZoEU9o15Y-dr7CiLpPdmvQdE0BV7tfMcQwlfM_FIBP8heqJ2DZ39Ma-BADwsoEcx4o2Slp-Eg8DL5Ab0c_iPgvW2htJmxbf7x-XmTMRfKlCgMrU-rAIqRTnp1t1JvMqbkSd8bpzkQ5qw8Glo8vOdQhysnZCjm3E3X84AYlP1yW_z1FLfdcglsgDnbnmpFPOVLbsaKPIoJL7px7Gk_Iu793heN_7CAFFYKmAPV7nW7lWAVrZsJeqHb1soaDtmdAm4NQe6XkGiVz8MDAv_Wshatbfp6DRe4YHGEDfApH-AgM-inlaDJ6FDpapXkzUI1SprPz29vL5cU4jP5sFzNW7eSgLbgPjrNgV1SdlAdSE_BO3bXM_cbokpPBIpmE8GlBh3xVmJv_W82RxgZzKRbdPJNq4hOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xn--mgbaiqly6b2eg.xn--ngbc5azd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| WebFontConfig function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state string| google_user_agent_client_hint number| google_rum_task_id_counter function| $ function| jQuery object| WebFont function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
xn--mgbaiqly6b2eg.xn--ngbc5azd/ Name: PHPSESSID
Value: 41adsj56qvbk7q4j3d9t0p4to2
.xn--mgbaiqly6b2eg.xn--ngbc5azd/ Name: _ga_QEM8KFB7MQ
Value: GS1.1.1706282779.1.0.1706282779.0.0.0
.xn--mgbaiqly6b2eg.xn--ngbc5azd/ Name: _ga
Value: GA1.1.690479508.1706282780
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xn--mgbaiqly6b2eg.xn--ngbc5azd/ Name: __gads
Value: ID=e706387cad53b7fa:T=1706282781:RT=1706282781:S=ALNI_MZgwiNxIL4tB4_Ddhbk6ukbWz2Z5g
.xn--mgbaiqly6b2eg.xn--ngbc5azd/ Name: __gpi
Value: UID=00000dba3057511e:T=1706282781:RT=1706282781:S=ALNI_MaS1aeMk6WC_Zbonvf-YXovHJQTww

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.com.eg
www.googletagmanager.com
www.gstatic.com
xn--mgbaiqly6b2eg.xn--ngbc5azd
2606:4700:3036::6815:4b37
2607:f8b0:4006:808::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::200a
025e4fef485f9f3f860a6385a23a53042b933ba2a80c2c9c150344acb41674d9
15e4edd0f485b8df4081e2764debae75cb16628c7e53c9a55fa5b308ddcfe4e5
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4a2fd33ebd90c90b9d5be6c87cea547764068db6c8d623a37f9df17d4ad5948b
4efa8fe08fb94090d3c71fd01806ff20011d9dcb4c1c765bdf0eea8c198c16ff
51e8f0ece7a03e5d491173cfdf9bdef83228745da022acb5293b51b425fdea1a
557d8e9ad54bf0d8c82ffc8e31dae61a1b7b135a856cc38ebca1b71e22a9ae38
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5888df7d375c16eff66d124e803c287d7cddfdea35a5d3cdadf6cbf34f7a8911
58ffbb1088be28db06e07d3b16a54f8b350a2aec65b7bdd808ca9aa05eda9c04
5c00984bd9d1033719bd9c687687ed0000fb8c9d2cc1976896875c64298bf67f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
b51ac2ee9888e85defac0cb5f432d26e81bfaf4c0f502f7495add79faa11347a
c6c1c771202c8c4a27a00223057c2a17500a066c7056234947e2988c69dd1f0a
e0c48fdd3db137ec02c468211e91d3be3588ad439c45d271008803c56fc20cd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76f819244cb25d321d1255c14b807507e4d0746aaae1ce657c6529457a95572
ec6fe6cdcbe44ea8317c12230754a3f93c749981f8902e86985485096a4a0285
f5a3cf0664233dd1e38bd366e5c345c7862f1a637847085c889cf60ba4838378
ff4e131d72119abb647c5e84e3877fd45a0025f5259194840ad4040158cc2fe1