urlscan.io logo urlscan.io
SecurityTrails logo

pro-windows-replacement-ca.xyz Open in urlscan Pro
64.190.62.22  Public Scan

Go To Rescan Add Verdict Report
URL: https://pro-windows-replacement-ca.xyz/
Submission Tags: @phishunt_io
Submission: On March 01 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 64.190.62.22, located in Germany and belongs to SEDO-AS, DE. The main domain is pro-windows-replacement-ca.xyz.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on March 1st 2024. Valid for: a year.
This is the only time pro-windows-replacement-ca.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.190.62.22 47846 (SEDO-AS)
3 64.190.63.136 47846 (SEDO-AS)
1 142.250.12.155 15169 (GOOGLE)
2 142.250.96.147 15169 (GOOGLE)
1 205.234.175.175 23352 (SERVERCEN...)
6 173.194.77.102 15169 (GOOGLE)
2 142.250.96.132 15169 (GOOGLE)
16 7
1    64.190.62.22 (Germany)

ASN47846 (SEDO-AS, DE)
pro-windows-replacement-ca.xyz
3    64.190.63.136 (Germany)

ASN47846 (SEDO-AS, DE)
sedoparking.com
1    142.250.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f155.1e100.net
pagead2.googlesyndication.com
2    142.250.96.147 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f147.1e100.net
www.google.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com
6    173.194.77.102 (United States)

ASN15169 (GOOGLE, US)
PTR: gc-in-f102.1e100.net
www.adsensecustomsearchads.com
2    142.250.96.132 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f132.1e100.net
afs.googleusercontent.com
Apex Domain
Subdomains		 Transfer
6 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2527
57 KB
4 sedoparking.com
sedoparking.com — Cisco Umbrella Rank: 55301
img.sedoparking.com — Cisco Umbrella Rank: 67337
89 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9742
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
53 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
2 KB
1 pro-windows-replacement-ca.xyz
pro-windows-replacement-ca.xyz
780 B
16 6
Domain Requested by
6 www.adsensecustomsearchads.com www.google.com
www.adsensecustomsearchads.com
3 sedoparking.com pro-windows-replacement-ca.xyz
sedoparking.com
2 afs.googleusercontent.com
2 www.google.com pagead2.googlesyndication.com
sedoparking.com
1 img.sedoparking.com sedoparking.com
1 pagead2.googlesyndication.com sedoparking.com
1 pro-windows-replacement-ca.xyz
16 7

This site contains no links.

Subject Issuer Validity Valid
pro-windows-replacement-ca.xyz
Encryption Everywhere DV TLS CA - G2		 2024-03-01 -
2025-03-02		 a year crt.sh
sedoparking.com
Encryption Everywhere DV TLS CA - G2		 2024-01-05 -
2025-01-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2023-11-13 -
2024-12-14		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://pro-windows-replacement-ca.xyz/
Frame ID: E28F94E64C1C8236EA225650BAF264E6
Requests: 4 HTTP requests in this frame

Frame: https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Frame ID: 315F150B9A73F5076237A28C310AF8EA
Requests: 7 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: EA264C909F6D42DB203CC716246E03E2
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adsafe=high&adtest=off&psid=8041558417&channel=cl-021%2Cexp-0051%2Cauxa-control-1&domain_name=pro-windows-replacement-ca.xyz&client=dp-sedo89_3ph&r=m&sc_status=0&hl=da&ivt=0&rpbu=https%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE3MDkzMDQwMDMmdGNpZD1zZWRvcGFya2luZy5jb202NWUxZThjM2M2MGI0OS44Nzc4ODE4OSZ0YXNrPXNlYXJjaCZkb21haW49cHJvLXdpbmRvd3MtcmVwbGFjZW1lbnQtY2EueHl6JnJlZ2lzdHJhcj1zZWRvcGFyayZhX2lkPTMmc2Vzc2lvbj1kM1l0ZUJNdW9UWXM4XzZUYUhEYw%3D%3D%26domain%3Dpro-windows-replacement-ca.xyz&type=3&uiopt=false&swp=as-drid-2529860006851696&afdt=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&client_gdprApplies=0&format=r6%7Cs&nocache=7161709304004075&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=-480&dt=1709304004093&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=1600&psh=1065&frm=2&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dpro-windows-replacement-ca.xyz%26rpv%3D2%26registrar%3Dsedopark%26gst%3DChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY%26ref%3D&referer=https%3A%2F%2Fpro-windows-replacement-ca.xyz%2F&lao=https%3A%2F%2Fpro-windows-replacement-ca.xyz
Frame ID: 181919B997E9669D3F64A3584819284F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

pro-windows-replacement-ca.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

202 kB
Transfer

415 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pro-windows-replacement-ca.xyz/ 		1 KB
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pro-windows-replacement-ca.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.62.22 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
d98a86bd6c5122a798a849c5c173a5082e7224e2db7d4c79b84c89f39f9483b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Mar 2024 14:40:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 01 Mar 2024 14:40:02 GMT
pragma
no-cache
server
NginX
vary
Accept-Encoding
x-cache-miss-from
parking-66d644dbc6-xd85b
x-powered-by
PHP/8.1.17
park.js
sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/park.js
Requested by
Host: pro-windows-replacement-ca.xyz
URL: https://pro-windows-replacement-ca.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
bfd6eb2798b736a9c4f900eb7a0042f39c5f703204bfb06cbf6a6785448317fc

Request headers

Referer
https://pro-windows-replacement-ca.xyz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 01 Mar 2024 14:40:03 GMT
content-encoding
gzip
x-cache-miss-from
parking-5747c769c4-km6mz
server
NginX
x-powered-by
PHP/8.1.17
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
show_afd_ads.js
pagead2.googlesyndication.com/apps/domainpark/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Requested by
Host: sedoparking.com
URL: https://sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/park.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ge-in-f155.1e100.net
Software
sffe /
Resource Hash
3d0811a0b82d9eb1dc04827b109d12e3265e0eb119f33bacecf64d16d98ec923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pro-windows-replacement-ca.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1865
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"3052566110573081916"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Fri, 01 Mar 2024 14:40:03 GMT
ads
www.google.com/dp/ 		179 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=pro-windows-replacement-ca.xyz&afdt=create&swp=as-drid-2529860006851696&dt=1709304003469&u_tz=-480&u_his=2&u_h=1200&u_w=1600&frm=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.96.147 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
gg-in-f147.1e100.net
Software
gws /
Resource Hash
bd1cfaf14c0acacbcca1f118f2338265896857c6d12ec2c3ed28883f647daf6a
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-U2F-DjhLXXIWEj-HS222GQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pro-windows-replacement-ca.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:03 GMT
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-U2F-DjhLXXIWEj-HS222GQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, max-age=3600
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158
x-xss-protection
0
expires
Fri, 01 Mar 2024 14:40:03 GMT
registrar.php
sedoparking.com/search/ Frame 315F 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Requested by
Host: sedoparking.com
URL: https://sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/park.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
3183ece214baebc626d6fbdccd393cb08ba7e6ef390077e0ed11a72575a1a0b0

Request headers

Referer
https://pro-windows-replacement-ca.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Mar 2024 14:40:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 01 Mar 2024 14:40:03 GMT
pragma
no-cache
server
NginX
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_YTtAXBRFOi2duWd4Yf+zEA27zZC+IY6eRvHZf9YIalgkU/f1pgegiZQeokl93qkdFQvinpNo+8v9HBfLZ1d6OA==
x-cache-miss-from
parking-5747c769c4-xbdhl
x-powered-by
PHP/8.1.17
caf.js
www.google.com/adsense/domains/ Frame 315F 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: sedoparking.com
URL: https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.96.147 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
gg-in-f147.1e100.net
Software
sffe /
Resource Hash
8376e91176e4353e4050275a6cc1e22b354dac6a0f20f00da44885e8b5b3927f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"5524008257134878169"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Fri, 01 Mar 2024 14:40:04 GMT
arrows-1-colors-3.png
img.sedoparking.com/templates/bg/ Frame 315F 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sedoparking.com/templates/bg/arrows-1-colors-3.png
Requested by
Host: sedoparking.com
URL: https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
e7ff091c85669b175de49d629d7d77bd20cd08d2c16ae74deef2ab06aec5854d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:03 GMT
x-cf-tsc
1704985100
x-cf3
H
cf4ttl
31366816.000
x-cf1
11696:fD.yyz1:cf:cacheN.yyz1-01:H
x-cf-reqid
684b8f486f2380927189ef0327f81179
content-length
82231
x-cf2
H
last-modified
Wed, 22 Apr 2020 09:38:21 GMT
server
CFS 0215
x-cff
B
content-type
image/png
access-control-allow-origin
*
x-cfhash
"b68c0210cadb1e12efc4557d7e49e48e"
cache-control
max-age=604800
cf4age
169183
accept-ranges
bytes
expires
Fri, 08 Mar 2024 14:40:03 GMT
iframe.html
www.adsensecustomsearchads.com/afs/ads/i/ Frame EA26 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
sffe /
Resource Hash
fe3e3a5e1331fa18c22314cbb2bc9c7e5eb7ddb5e01659d9e0d07f0ef97f3282
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-5ScKUkiZt30ROrc6kTgyew' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sedoparking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
728
content-security-policy
script-src 'nonce-5ScKUkiZt30ROrc6kTgyew' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Mar 2024 14:40:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 07:00:00 GMT
pragma
no-cache
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame 1819 		22 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adsafe=high&adtest=off&psid=8041558417&channel=cl-021%2Cexp-0051%2Cauxa-control-1&domain_name=pro-windows-replacement-ca.xyz&client=dp-sedo89_3ph&r=m&sc_status=0&hl=da&ivt=0&rpbu=https%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE3MDkzMDQwMDMmdGNpZD1zZWRvcGFya2luZy5jb202NWUxZThjM2M2MGI0OS44Nzc4ODE4OSZ0YXNrPXNlYXJjaCZkb21haW49cHJvLXdpbmRvd3MtcmVwbGFjZW1lbnQtY2EueHl6JnJlZ2lzdHJhcj1zZWRvcGFyayZhX2lkPTMmc2Vzc2lvbj1kM1l0ZUJNdW9UWXM4XzZUYUhEYw%3D%3D%26domain%3Dpro-windows-replacement-ca.xyz&type=3&uiopt=false&swp=as-drid-2529860006851696&afdt=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&client_gdprApplies=0&format=r6%7Cs&nocache=7161709304004075&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=-480&dt=1709304004093&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=1600&psh=1065&frm=2&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dpro-windows-replacement-ca.xyz%26rpv%3D2%26registrar%3Dsedopark%26gst%3DChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY%26ref%3D&referer=https%3A%2F%2Fpro-windows-replacement-ca.xyz%2F&lao=https%3A%2F%2Fpro-windows-replacement-ca.xyz
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
gws /
Resource Hash
6a5946ce45107cdc3bb8707394ab458f62456435df665d3072241243065ab216
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-g3oZ6Wz94ad3GlYjwkiwXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://sedoparking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
3421
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-g3oZ6Wz94ad3GlYjwkiwXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 01 Mar 2024 14:40:04 GMT
expires
Fri, 01 Mar 2024 14:40:04 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
tsc.php
sedoparking.com/search/ Frame 315F 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sedoparking.com/search/tsc.php?200=NTczNDcxNDE1&21=ODYuNDguMTQuMTA1&681=MTcwOTMwNDAwM2Q4ZWFiZWQ4NDVjM2NjMjEyMTU3NDUxZTQ4MWNlMWZh&crc=6f9d46c149b11f2f3dcdab83db505467e545c6de&cv=1
Requested by
Host: sedoparking.com
URL: https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:04 GMT
x-cache-miss-from
parking-5747c769c4-ll2h7
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
caf.js
www.adsensecustomsearchads.com/adsense/domains/ Frame 1819 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=2
Requested by
Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adsafe=high&adtest=off&psid=8041558417&channel=cl-021%2Cexp-0051%2Cauxa-control-1&domain_name=pro-windows-replacement-ca.xyz&client=dp-sedo89_3ph&r=m&sc_status=0&hl=da&ivt=0&rpbu=https%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE3MDkzMDQwMDMmdGNpZD1zZWRvcGFya2luZy5jb202NWUxZThjM2M2MGI0OS44Nzc4ODE4OSZ0YXNrPXNlYXJjaCZkb21haW49cHJvLXdpbmRvd3MtcmVwbGFjZW1lbnQtY2EueHl6JnJlZ2lzdHJhcj1zZWRvcGFyayZhX2lkPTMmc2Vzc2lvbj1kM1l0ZUJNdW9UWXM4XzZUYUhEYw%3D%3D%26domain%3Dpro-windows-replacement-ca.xyz&type=3&uiopt=false&swp=as-drid-2529860006851696&afdt=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&client_gdprApplies=0&format=r6%7Cs&nocache=7161709304004075&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=-480&dt=1709304004093&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=1600&psh=1065&frm=2&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dpro-windows-replacement-ca.xyz%26rpv%3D2%26registrar%3Dsedopark%26gst%3DChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY%26ref%3D&referer=https%3A%2F%2Fpro-windows-replacement-ca.xyz%2F&lao=https%3A%2F%2Fpro-windows-replacement-ca.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
sffe /
Resource Hash
e70c09d182294c8cc14976de6b30c52db6e53f9f10ec33bae3c595e6d7e2843b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 14:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"7940402569977756843"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Fri, 01 Mar 2024 14:40:04 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 1819 		391 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
gg-in-f132.1e100.net
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Mar 2024 05:14:30 GMT
age
33934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sat, 02 Mar 2024 04:14:30 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 1819 		200 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
gg-in-f132.1e100.net
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Feb 2024 16:26:19 GMT
age
80025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 01 Mar 2024 15:26:19 GMT
gen_204
www.adsensecustomsearchads.com/afs/ Frame 315F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo89_3ph&output=uds_ads_only&zx=dfpjrtwfe6qs&aqid=xOjhZc-xEbCenboPs8M3&psid=8041558417&pbt=bs&adbx=584&adby=212.828125&adbh=1275&adbw=432&adbah=216%2C216%2C216%2C168%2C216%2C216&adbn=master-1&eawp=partner-dp-sedo89_3ph&errv=610814804&csala=24%7C0%7C297%7C83%7C17&lle=0&ifv=1&hpt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-o241zNdDhZ9hapVtoxKR7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-o241zNdDhZ9hapVtoxKR7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Fri, 01 Mar 2024 14:40:06 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.adsensecustomsearchads.com/afs/ Frame 315F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo89_3ph&output=uds_ads_only&zx=on4dgzdxy5yi&aqid=xOjhZc-xEbCenboPs8M3&pbt=bs&adbx=650&adby=1578.3125&adbh=16&adbw=300&adbn=slave-1-1&eawp=partner-dp-sedo89_3ph&errv=610814804&csala=5%7C0%7C316%7C83%7C17&lle=0&ifv=0&hpt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Ppwi58x53RvQHSmDHJLgLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Ppwi58x53RvQHSmDHJLgLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Fri, 01 Mar 2024 14:40:06 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.adsensecustomsearchads.com/afs/ Frame 315F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo89_3ph&output=uds_ads_only&zx=s966fpubnl5h&aqid=xOjhZc-xEbCenboPs8M3&psid=8041558417&pbt=bv&adbx=584&adby=212.828125&adbh=1275&adbw=432&adbah=216%2C216%2C216%2C168%2C216%2C216&adbn=master-1&eawp=partner-dp-sedo89_3ph&errv=610814804&csala=24%7C0%7C297%7C83%7C17&lle=0&ifv=1&hpt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.77.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gc-in-f102.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-eGAG3ZS6lRIikqtcSFrHWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sedoparking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-eGAG3ZS6lRIikqtcSFrHWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Fri, 01 Mar 2024 14:40:06 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_afd_request object| setup object| contentContainer function| insertScript function| google_afd_ad_request_done function| loadGoogleToken function| loadContentFrame number| googleNDT_ number| googleAltLoader

0 Cookies

3 Console Messages

Source Level URL
Text
javascript warning URL: https://pro-windows-replacement-ca.xyz/(Line 34)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/park.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pro-windows-replacement-ca.xyz/(Line 34)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/park.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.google.com/adsense/domains/caf.js(Line 200)
Message:
Unrecognized feature: 'attribution-reporting'.