www.vfemail.net Open in urlscan Pro
2606:4700:20::681a:41d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://havokmon.com/
Effective URL:
https://www.vfemail.net/
Submission: On December 21 via api (December 21st 2023, 5:46:23 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 40 HTTP transactions. The main IP is 2606:4700:20::681a:41d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vfemail.net.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time www.vfemail.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 15	2606:4700:20:... 2606:4700:20::681a:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
40	8

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

havokmon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:41d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.vfemail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vfemail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:816::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	338 KB
15	vfemail.net 1 redirects www.vfemail.net vfemail.net — Cisco Umbrella Rank: 762345	78 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	43 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	havokmon.com 1 redirects havokmon.com	282 B
40	7

	Domain	Requested by
13	www.vfemail.net	1 redirects www.vfemail.net
9	pagead2.googlesyndication.com	www.vfemail.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	vfemail.net	www.vfemail.net vfemail.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	havokmon.com	1 redirects
40	9

This site contains no links.

Subject Issuer	Validity	Valid
vfemail.net GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.vfemail.net/
Frame ID: 95C0E2724E99BA97AD4926764F7AA09A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 18214381FCF45049DECF71490D759776
Requests: 1 HTTP requests in this frame

Frame: https://www.vfemail.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 26C3C6DE6148F7F64DFFF7814C8FCA3A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&adk=1812271804&adf=3025194257&lmt=1703180778&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777707&bpp=4&bdt=406&idt=438&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6515076526288&frm=20&pv=2&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468
Frame ID: 480409E6FFC9E170080910478EC80625
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&h=90&slotname=9509074789&adk=606199280&adf=4115381891&pi=t.ma~as.9509074789&w=970&lmt=1703180778&format=970x90&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777823&bpp=12&bdt=522&idt=362&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6515076526288&frm=20&pv=1&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369
Frame ID: 2AD816A2C9F99C8AFE2E51F1A82AA5E6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1DCC67126CE0A8B640559103693875A8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 4015CB4A64D5DC7CFE7EC4EA45DD6312
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C7DF53487925DA97AB9F35CD949CA2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7B2AD90F46CA87979E7136D029C2008
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VFEmail ™ - Quality Email Hosting (IMAP, Webmail, POP, SMTP) For Everyone

Page URL History Show full URLs

http://havokmon.com/ HTTP 301
https://www.vfemail.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

40
Requests

95 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

524 kB
Transfer

1379 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://havokmon.com/ HTTP 301
https://www.vfemail.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.vfemail.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.vfemail.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 26

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 28

https://googleads.g.doubleclick.net/pagead/adview?ai=Cuosv6nmEZaayEKHQ998PzcSxuAe7-YXfdPH4kcuxEtbsrYyNDhABIOvt_wFgyYaAgNyjxBCgAb77w8wqyAECqQIHGvaDl8lJPqgDAcgDyQSqBMUBT9C1Saly34zdMrxSnfoKjIeeo5uE8hBxA57ckgYH_tqKTN38FH0sdaZj-5i0CunRuWbTFJ558CH26B8LOTQDHRiEw4wxE1TSEcKTPenl3id_usrPcVwCmKrncSF0dTiihR3U0c5uodl1xoHsrnLOoNnvhEBAutcZgD0-DsqRGVcihXmmtfX0_-dtCAli75dmkr1pKw63hD1pGs1E93icT5Zwbie6j0TelrVxTz1JroOO-9CxVvX7E18RfNnugmjw1umMf2vABL2F1rbBBIgF1aPk2E2SBQQIBBgBkgUECAUYBKAGAoAHvrOUrAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDB-yrSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WM3mmeqKoYMDmgk-aHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3ZpZXcvZGVraWZyZW5jaHRyYWluaW5naW5zdGl0dXRlL2hvbWWACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEAoKEPCfoaidq8yMKRICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItMzMwNTQyOTY0MjY5MTE4NRgA&sigh=v3kVbnCYS0c&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_IwEGmB3bDM81u-NiGSmuQw3xbNPfeh7c5c-_zWAo4QfQBM-eHqClNwBRTKLwP4jGsEFErkIJQz0GV3Rd_SwG7N6pJLDnRdbOP6IYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa94f1ea54088b89a0000000000000000%22,%222%22:%220xc9ea4df4ae067b30000000000000000%22,%223%22:%220x961f44b4ea9080570000000000000000%22,%224%22:%220x76b015fb8c4bf1f10000000000000000%22,%225%22:%220xd7fac5209d5d97070000000000000000%22},%22debug_key%22:%2216758208460306438058%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211434786238%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211855557178222384177%22}&andc=true

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.vfemail.net/
Redirect Chain

http://havokmon.com/
https://www.vfemail.net/

22 KB
8 KB

589ms
494ms

Document
text/html

2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1080f88f2069cf44583aee172e5c550140296a784af1734198154a9bc64551bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8391f18f1b48da87-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 17:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyhWSNRTxdea7Y0aSnX6RUru8mD6l00xQfQX%2FqnDlg1RxDrShFWKZRsQKv5DUjpMebegPoTNMcvaZOYQlgG1dK1gL8Ly8dGpfPfaZOVB5njnBfLZI3ZYADO%2Bp1IJ5zqAECXOBei63ThxV2OhNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 58
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Dec 2023 17:46:16 GMT
Location: https://www.vfemail.net
Server: ip-10-123-123-181.ec2.internal
X-Request-Id: 5f876565-1083-4aa8-aae5-e6500618ae9f

GET
H2 200 R3evH9iDt7ZmgKq-pG8-_kJARFg.js Show response
www.vfemail.net/cdn-cgi/apps/head/ 4 KB
2 KB 53ms
51ms Script
application/javascript 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/cdn-cgi/apps/head/R3evH9iDt7ZmgKq-pG8-_kJARFg.js
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ad0a69bff66172f0cf616cc47229391d24f542dd22ee609a2c36a5778aa1caa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
x-amz-version-id: ayqTrF8FmsiV7fFjYFjQ0RUtQ1Mq6adC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-request-id: J9SXRMYC7W0GY794
age: 283461
alt-svc: h3=":443"; ma=86400
content-length: 1558
x-amz-id-2: BRZxu6E5kg9QY+hIZiFKZpOS42oRgeP6BMc1qxmrMlyPzG85RZdbwSUgIGnheQHuuIP0kGIw2cU=
last-modified: Tue, 05 Dec 2023 17:46:32 GMT
server: cloudflare
etag: "8d09eec17cf749d0a12e302d975285c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKFXooI0QfFP6yxlYvlcVdt%2Br6nIGx1bxbk1KIxyWAJnmxbKgAhuhocp2%2BzlrxEdq9zg%2B3hs0Cuwkt99SbqeLixLEzJDjCXcPWbPfTvpp8w8Dp2KflkVXIG43rn9qPf8JXdcnxYRPabZdIwiOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8391f1924984da87-MIA

GET
H2 200 style.css
www.vfemail.net/ 5 KB
2 KB 516ms
514ms Stylesheet
text/css 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/style.css
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2baca238ec6767570e18b8b8500b3df2b876085451d7cd17bccff946061ba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Sep 2011 13:05:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4e773e30-1334"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwQP9QUAIgxKv7x4WY6PWkzxbKgs9TKRCeT1LAFZH78aGDf3%2FdKY0C1h4cHlv5LzXiTxrQUGhjWd7Bs6wCX5KZDTGoo%2FLnwnBHNMOp1EDEYJVEH5TDacIZE2BztqhfnpC5681cWkcXGdD%2FG5VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8391f1924981da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 237ms
95ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3305429642691185

Requested by

Host: www.vfemail.net
URL: https://www.vfemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2be909c43b740be093f7c91e8cf9a9b2b29801eaaf6680480c42ac807e2e731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Origin: https://www.vfemail.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51277
x-xss-protection: 0
server: cafe
etag: 108632426457373219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:46:17 GMT

GET
H2 200 logo.jpg
www.vfemail.net/images/ 8 KB
8 KB 497ms
496ms Image
image/jpeg 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vfemail.net/images/logo.jpg
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b6ecb4bb646994aa0c030da6b84cafc825caf7354e8a0ef64d50918e2e3441

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8110
alt-svc: h3=":443"; ma=86400
content-length: 7806
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Aug 2005 09:34:30 GMT
server: cloudflare
etag: "42f332a6-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNXcAtdyAFc5glI5BD6UYvl%2B0YKC%2Ffq2axqBDWun7BS4JvJX7JfHpw3qsazxS1%2Feuv1XihDhyca9yseZ13ypJF9rnm2nIwBdfGpFDK98vKEMAhL%2F8NI7HPxNIjOGUrtbcXWknaXM0YPyECAF0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391f1924989da87-MIA

GET
H2 200 loading.gif
www.vfemail.net/images/ 2 KB
3 KB 505ms
504ms Image
image/gif 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vfemail.net/images/loading.gif
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac881ab22521f4ac608a9e933c7115228450a135c3a475523041dd999b564383

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2545, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 2093
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 May 2007 12:07:26 GMT
server: cloudflare
etag: "463f167e-9f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOdxmIg8rSCqiigxUugukLgoUpR0ilj5oQdsvB7tO3wCOnGfADmkf0wKQX16%2BGip4129mpdtjV58orSBvq0dERIvfT8kFfRBYcuSUWzTYmEa4S6t%2BRykD7uJKBygN3GAKb%2FlW2gy8pT%2F6lKAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391f192498dda87-MIA

GET
H2 200 traffic-light-green.png
www.vfemail.net/images/ 3 KB
4 KB 519ms
517ms Image
image/webp 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vfemail.net/images/traffic-light-green.png
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76596611a7d0d27f6d01cf90cd091edc47ab1f99b062befe3f82ddadd3e6922c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=5323
content-disposition: inline; filename="traffic-light-green.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3476
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Jul 2008 13:40:04 GMT
server: cloudflare
etag: "488491b4-14cb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnKeSOMzXSEQiQsgwmypON6zmBL33gazVvSrsjw94Pn6GXo%2FVS4K0pD6rDYjMAA1%2FMGnLS6icQX8H4KQH8nIuMAm%2BcDQ5S6cy4tr7kP6R88%2BuyglOkV8nG08wFmVY%2BQ6Da%2BYDt44ASvmdX0gqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391f1929a3cda87-MIA

GET
H2 200 WeAcceptBitcoin.png
www.vfemail.net/images/ 11 KB
11 KB 507ms
506ms Image
image/webp 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vfemail.net/images/WeAcceptBitcoin.png
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf62d0452bf8f962b28451c3ced651cf38f947e0e6746b3189efb6cab839d1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=17755
content-disposition: inline; filename="WeAcceptBitcoin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11116
cf-bgj: imgq:100,h2pri
last-modified: Mon, 02 Dec 2013 12:46:54 GMT
server: cloudflare
etag: "529c813e-455b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbtjE%2BijIzlS5or5VXiQ0SGQYwkFYhCtotvG2sK66TIov8FasrcfbP4kZRYOUvKqDkYWl8pvwGzL9sX4VR8dDNPq5qUc5j8o8Hy1sQy%2BBQA06pz1wPMxDQzglW%2FyDy5n0BEtkOUZygYAhqeSFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391f1929a3fda87-MIA

GET
H2 200 coinc2.jpg
www.vfemail.net/images/ 10 KB
10 KB 523ms
522ms Image
image/jpeg 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vfemail.net/images/coinc2.jpg
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539c49a1ca8fe488a1cc3fbdbf83f8132e72bb4e1622b61cfcb38e7fd0a25f45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11348
alt-svc: h3=":443"; ma=86400
content-length: 10107
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jul 2021 14:52:41 GMT
server: cloudflare
etag: "60ec5739-2c54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPf7eCgMCH6v5zb%2F8bLNS8yDQymVGsHxBaAL2aa%2FneHsieHiI2MVNx%2B5ZKgOCrBvgvZz16xX5u8bU3AFlHpGQXN2BA9T%2FlMSXMyVZGovG%2FGD7VVREzRDkSFIhV%2Fu40yr9zfyQ%2BG2jp6bQ6bsDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391f1929a42da87-MIA

GET
H2 200 index.php Show response
www.vfemail.net/matomo/ 10 KB
3 KB 203ms
201ms Script
application/javascript 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/matomo/index.php?module=CoreAdminHome&action=optOutJS&divId=matomo-opt-out&language=auto&backgroundColor=FFFFFF&fontColor=000000&fontSize=12px&fontFamily=Arial&showIntro=1
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8dd4bea87d4e1a316ea661972233d2b681c8ba3102bbd4b5c2e028f32da67d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMIs41nTF8leeqioKeT%2Fj0Xyw5H7pyfZvf1WjIRvVppVIprP%2BlDjeidkjBWIF87ucVIqzdhKyWzwLR2rmnhJuqsc5njXbsvfGJtA%2B%2Bpwk%2BLn3oXRjYbmFrEopGosRaA5cBgJxgJ%2FJ1nF7SbLWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-matomo-request-id: 55290
content-type: application/javascript; charset=utf-8
cache-control: no-store
cf-ray: 8391f1929a37da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Lvh7w7CT1vwJ_9BG-hPl5aFOjVk.js Show response
www.vfemail.net/cdn-cgi/apps/body/ 1 KB
957 B 48ms
47ms Script
application/javascript 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/cdn-cgi/apps/body/Lvh7w7CT1vwJ_9BG-hPl5aFOjVk.js
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/cdn-cgi/apps/head/R3evH9iDt7ZmgKq-pG8-_kJARFg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3616bae3c1eee634f92887fa44c411a9ad7dd8a778dbb306d78ecdc32e32169

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
x-amz-version-id: 0CZNE.duydCcXrX13rtQu9C7dIZjm31H
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-request-id: QEQKNSNXRKYNCB63
age: 22977
alt-svc: h3=":443"; ma=86400
content-length: 500
x-amz-id-2: 1hyWp4FNYi/UGKL809Nk8bxU/LxBh9+D78GNYJ7H/yNdsQ7hTStEm6YJfmkR7dpu9x7S1vu9qMo=
last-modified: Tue, 05 Dec 2023 17:46:31 GMT
server: cloudflare
etag: "c366c1b0d054c73f4dcfad24403900e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xWq2nhAnSOosQMomdfZCuwOL3uu8rYTOdAWUvWUF1MkDDSgpQjmp%2FREkE%2BKDPLJ1gdvjzg3xDnwZk3wk9OeOXvnO55XQ412khdG1AmuJMHkPCnoWE1mJqt9bywr1vP%2Fw0WMoBiSpxSZg%2FWAuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8391f1929a44da87-MIA

GET
H2 200 matomo.js Show response
vfemail.net/matomo/ 64 KB
21 KB 557ms
528ms Script
application/javascript 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vfemail.net/matomo/matomo.js
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/cdn-cgi/apps/body/Lvh7w7CT1vwJ_9BG-hPl5aFOjVk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 10:11:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6565bce2-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ah4oo%2FQU2XIfDuzo98ScJYexyiz8ccLpBrmsmu6AtZTFDaxK5Hmhr%2Fvzw03lHz7AR9GmDCyYSGaXZCT8qpsQGrrLTLJf59K%2F3aVh5368W3bibkpFSXsFjm%2F2dAun8VDxcaTN1HTpMNKC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8391f1931b40da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 262ms
133ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3305429642691185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:46:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 1821 9 KB
4 KB 201ms
64ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3305429642691185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 15:43:18 GMT
etag: 5585625838579639069
expires: Thu, 04 Jan 2024 15:43:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 95ms
94ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3305429642691185

Requested by

Host: www.vfemail.net
URL: https://www.vfemail.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

254131b3c393e5f5075c85b954430c9bf6ed6a561f9e5f08df38728c04746c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Origin: https://www.vfemail.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51280
x-xss-protection: 0
server: cafe
etag: 10809792422748752368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:46:17 GMT

GET
H3

200

main.js Show response
www.vfemail.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 26C3
Redirect Chain

https://www.vfemail.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.vfemail.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

42ms
42ms

Script
application/javascript

2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vfemail.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.vfemail.net
URL: https://www.vfemail.net/

Protocol

Server

2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fdb5b74dfd5b48b1288ff6e901f5f3b21988143b2713e672ea6a900be6b692

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AJk9MU2NOu%2BR3gJtMe3A%2FF8R3Z%2B6IrtU8gA%2FSya1HkRdzFzcXPa4m%2BfvA7zqs729tOJoDjltatniyw00v7KAMO1869wh2BlEjYrbpueKCO7Fb5jImIAykmLjSf0kg9UnKDlgvaDFT9TWwAQvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8391f19618ed032d-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 21 Dec 2023 17:46:17 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ2sEW9WRGbeTZtX5cjSHhlWieXDDmu9%2Bf%2FEJh5sHstZ3SFawZO2G9B8YZ1PnUh7Arat%2F4rAEnlF4zwvXgQzkyj7iYE87v9q05ZWAwzXPWkYG5wg0%2FEdBmJRAGOUukvzCKgqcKFFA%2B9uVyQKZg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8391f195d8a0032d-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 8391f18f1b48da87 Show response
www.vfemail.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 26C3 0
577 B 56ms
55ms XHR
text/plain 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vfemail.net/cdn-cgi/challenge-platform/h/g/jsd/r/8391f18f1b48da87
Requested by: Host: www.vfemail.net
URL: https://www.vfemail.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 17:46:18 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGD6cnJpoAcq%2FivrsB3Knn99Fo6f%2FSEicsvejBFvKdAXiTO0tNZFvoNNDcJrG%2FxXQf%2BJwgn7aeUIaEii7uxmUk2cYEmuwm4HTZqoES3fY24AC8qdE8CVMzXyF2zQtA3QRoqK3XhyPknvpCmROQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8391f1975b11032d-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 204 matomo.php
vfemail.net/matomo/ 0
427 B 588ms
587ms Ping
text/html 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vfemail.net/matomo/matomo.php?action_name=VFEmail%20%E2%84%A2%20-%20Quality%20Email%20Hosting%20(IMAP%2C%20Webmail%2C%20POP%2C%20SMTP)%20For%20Everyone&idsite=2&rec=1&r=127016&h=7&m=46&s=18&url=https%3A%2F%2Fwww.vfemail.net%2F&_id=a6befaafaeaccc7e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=GL9Plk&pf_net=95&pf_srv=494&pf_tfr=1&pf_dm1=554&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: vfemail.net
URL: https://vfemail.net/matomo/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vfemail.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Thu, 21 Dec 2023 17:46:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXDQ909b%2B7FM2ggToG2ZXu2VmF6qtykC5K67oXaboBiT8ujttxI%2F9We5O852iUJeq%2FRxBig6ZeeFPRoA7dIcP%2FXUIImjzGXS7704Tb7mA0cTN49V%2BXeumZ2WrXegNQoWIJ7iB5OW6Mjx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.vfemail.net
access-control-allow-credentials: true
cf-ray: 8391f1977b4d032d-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4804 0
188 B 188ms
187ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&adk=1812271804&adf=3025194257&lmt=1703180778&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777707&bpp=4&bdt=406&idt=438&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6515076526288&frm=20&pv=2&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:46:18 GMT
expires: Thu, 21 Dec 2023 17:46:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AD8 102 KB
38 KB 715ms
714ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&h=90&slotname=9509074789&adk=606199280&adf=4115381891&pi=t.ma~as.9509074789&w=970&lmt=1703180778&format=970x90&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777823&bpp=12&bdt=522&idt=362&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6515076526288&frm=20&pv=1&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a7873294af0895cb068a19551d2555a4aa52fa813e58a64d96253ed947ab44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:46:18 GMT
expires: Thu, 21 Dec 2023 17:46:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9469610254795951742
tpc.googlesyndication.com/daca_images/simgad/ Frame 2AD8 11 KB
11 KB 303ms
124ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9469610254795951742

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&h=90&slotname=9509074789&adk=606199280&adf=4115381891&pi=t.ma~as.9509074789&w=970&lmt=1703180778&format=970x90&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777823&bpp=12&bdt=522&idt=362&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6515076526288&frm=20&pv=1&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b0beeb16be8584586372ed1a03253a3dc9fc5dce2d6831b690400565d746dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 02:00:42 GMT
date: Wed, 20 Dec 2023 02:00:42 GMT
x-content-type-options: nosniff
age: 143137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11081
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 15:04:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2AD8 23 KB
9 KB 256ms
85ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 16:11:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DCC 143 B
166 B 65ms
64ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3305429642691185&output=html&h=90&slotname=9509074789&adk=606199280&adf=4115381891&pi=t.ma~as.9509074789&w=970&lmt=1703180778&format=970x90&url=https%3A%2F%2Fwww.vfemail.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703180777823&bpp=12&bdt=522&idt=362&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6515076526288&frm=20&pv=1&ga_vid=1484779294.1703180778&ga_sid=1703180778&ga_hid=2134860776&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320885&oid=2&pvsid=1524308608878848&tmod=2117271417&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:41:36 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2AD8 3 KB
1 KB 257ms
86ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 16:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2AD8 20 KB
9 KB 233ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 16:11:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AD8 203 KB
65 KB 259ms
90ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:46:19 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2AD8 36 KB
15 KB 301ms
134ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 16:31:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

91ms
91ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:46:19 GMT
expires: Thu, 21 Dec 2023 17:46:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:46:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2AD8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ff6a9e54ef5f77d4d2a53d81e9d08f0e5dd8bc3c3263c212de6ac687adb4c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2AD8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cuosv6nmEZaayEKHQ998PzcSxuAe7-YXfdPH4kcuxEtbsrYyNDhABIOvt_wFgyYaAgNyjxBCgAb77w8wqyAECqQIHGvaDl8lJPqgDAcgDyQSqBMUBT9C1Saly34zdMrxSnfoKjIeeo5uE8hB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa94f1ea54088b89a0000000000000000%22,%222%22:%220xc9ea4df4ae067b30000000000000000%22,%223%22:%220x961f44b...

0
0

218ms
90ms

Fetch
text/css

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa94f1ea54088b89a0000000000000000%22,%222%22:%220xc9ea4df4ae067b30000000000000000%22,%223%22:%220x961f44b4ea9080570000000000000000%22,%224%22:%220x76b015fb8c4bf1f10000000000000000%22,%225%22:%220xd7fac5209d5d97070000000000000000%22},%22debug_key%22:%2216758208460306438058%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211434786238%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211855557178222384177%22}&andc=true

Requested by

Protocol

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa94f1ea54088b89a0000000000000000","2":"0xc9ea4df4ae067b30000000000000000","3":"0x961f44b4ea9080570000000000000000","4":"0x76b015fb8c4bf1f10000000000000000","5":"0xd7fac5209d5d97070000000000000000"},"debug_key":"16758208460306438058","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11434786238"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"11855557178222384177"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:46:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 17:46:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa94f1ea54088b89a0000000000000000","2":"0xc9ea4df4ae067b30000000000000000","3":"0x961f44b4ea9080570000000000000000","4":"0x76b015fb8c4bf1f10000000000000000","5":"0xd7fac5209d5d97070000000000000000"},"debug_key":"16758208460306438058","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11434786238"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"11855557178222384177"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 291ms
94ms Preflight
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 17:46:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
94ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13e152ddcbf352b9b6300da29053788bd819416c832a73ce3b6b33931d9d5b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12191
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4015 51 KB
19 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 18:40:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 126ms
125ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 17:46:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C7D 13 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vfemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 16:25:02 GMT
expires: Fri, 20 Dec 2024 16:25:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7B2 829 B
996 B 93ms
91ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21ba99d4f00df4b82c86cdc0215d9a781ff6498bb17f9f136a8b3f399d74120a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cs4X-FO5EKdJoct3HCYf0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vfemail.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Cs4X-FO5EKdJoct3HCYf0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:46:20 GMT
expires: Thu, 21 Dec 2023 17:46:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C7D 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 15:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 15:38:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A7B2 0
0 91ms
91ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1524308608878848&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C7D 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qMZ4AQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:46:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AD8 42 B
64 B 95ms
94ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXZlD7nCvTxzm7ao6ZK-qCIvD4tNRWUs4vExCDXLxneKJTOCrqu8itVtHde-8TQ9QZw1Utf75I7LZzwEQ1GIX_dvoi2n2LArsDCcXP9y3eX5UInnQeJIJWjgnH8u_R6k440lnia30XSH2RqDtTURfyoLWK&sai=AMfl-YSPIQstcWI9JSE4rgxGW8nIfIc6CAiSXKMRcbAw6Sorquyh6AdJSktyB0f5kP_J1O5RGXaeo9yCraV84Z1eI6n-2749lydpBdy5MOMwOhTJdmgzs_M6GRvT2GmZD1WQyL1RnOB-0bHp2xuZhVsHCQ&sig=Cg0ArKJSzD2q3ig6ZcfsEAE&cid=CAQSTwAvHhf_IwEGmB3bDM81u-NiGSmuQw3xbNPfeh7c5c-_zWAo4QfQBM-eHqClNwBRTKLwP4jGsEFErkIJQz0GV3Rd_SwG7N6pJLDnRdbOP6IYAQ&id=lidar2&mcvt=1000&p=0,121,90,849&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=606199280&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703180778193&rpt=1168&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:46:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1524308608878848&bg=!vL-lv_DNAAY3kmNgF5I7ADQBe5WfOLllDa0Mo6ikyONiF7ifI04p1l3EUWUxerVZUTUlq32Lj_aIwWNm__Qr0vG6xpSlAgAAAGVSAAAAA2gBB5kC1brxL0ns8kWpXV-q4UxydqTOzzyKxVqnJGLVZh_yWzq87Nl_isYg-9WaJneWQxlC1xsr09gD58bURe_ieCLjt5vGS7aUAEnkzVCem5CS_g-tB8QW_vsUWbs3PL1NL6q8EQSUyDvH1POfd0gQiXSIH-OIx5c1giGrF-4xVlNiI03npUL6mhCyUVV5lsQn2jTwKgOs9V4SJCakwb2KWyr2n0S9fzVEAkRvrwYIbts215jFYHiamzss89zGa0TOapekudVxf9BY7KbKjREfyMg9KFSCzXnLMaZNSnKsoXeb5dn_zrgk6PmTfqNTSUWoja7pn2Xfb5JTXpL3b9wKvSTLVsdFfA5NYZotqUgZa1p0EFK5ab5pB1MLCQd4Ah2GGFDFQjPS0UKd4aVVVbOsnNUtwyBYTlnurCfUZJo1cCHY4yDFMO1ZA3NOKnfJB-YU_dREhc2yetw7v_3NqXn0smFywQR-SnlHIDMlJgOX8adBhVKKeEzA3H5x5mW-2NyJvCrh0Yl_BbJlyoXJZK3Lf9BmICrphN1bUNv0iDtcxSwrsFjKFlko7lBSx6cqS98JYSoiATQiMQdCJxKkhg58Yylqj-2JZgsDvXaAYzOWi5Kxw3YYS0EHKLFjuchDRM6TOfyKp2klaKzqILulGBAAciX7X0lxZUkGT1YaTom_6qSUiBrjuwlyEEjghrWV5C4w4vaYwmWc_A_hnICRNGTm-vBHFkK0EMXqCfD8vaWBkIAMZzhSiaWud56Bt3JihiuvSyRufp-UNSiTsiJJNcgNsdkm8Kx29MRl3T6E59yqDkITiEiHcqgM0f3HgMqxBjWJWP-fp602W7SDSw0l0XU_r-RVap56zRKA5VjkpIQu5XxXIV3iiOgrABD9_vRVeWL-KFYU1XSLBuSAxqgTBjYhmj9LPnpV8hpWv_rRMBW1b1_C2b8iHaFWCw4QOU9OrfWZK4vlzIRgaZbC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.vfemail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vfemail.net/	1970-01-21 02:32:15	Name: _pk_id.2.d3ef Value: a6befaafaeaccc7e.1703180778.
www.vfemail.net/	1970-01-20 17:06:22	Name: _pk_ses.2.d3ef Value: 1
.vfemail.net/	1970-01-21 01:51:56	Name: cf_clearance Value: V8BM5cjJTKllyQbXxyMdtBkB5WDnJ0yJAtDD608yFPE-1703180778-0-2-367f4716.efec051d.cedb0c17-0.2.1703180778
.vfemail.net/	1970-01-21 02:27:56	Name: __gads Value: ID=a536b7c23b479833:T=1703180778:RT=1703180778:S=ALNI_MZiGfavJkWHJYyzvul1mLR4MsKzew
.vfemail.net/	1970-01-21 02:27:56	Name: __gpi Value: UID=00000dac14caf130:T=1703180778:RT=1703180778:S=ALNI_MaMukmeM914uMzj9kwcTsCoYJEnyw
.doubleclick.net/	1970-01-21 02:42:20	Name: IDE Value: AHWqTUmy5h5YNI__ZlrEF0BsOTOmqaoYpyhEkoFkXd9s4pYHFxEZQ2Of_t6ahk-d5ms
.doubleclick.net/	1970-01-20 17:06:24	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:15:56	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
havokmon.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
vfemail.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.vfemail.net
142.250.72.98
15.197.142.173
2606:4700:20::681a:41d
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
0b0beeb16be8584586372ed1a03253a3dc9fc5dce2d6831b690400565d746dee
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1080f88f2069cf44583aee172e5c550140296a784af1734198154a9bc64551bb
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
13e152ddcbf352b9b6300da29053788bd819416c832a73ce3b6b33931d9d5b1c
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21ba99d4f00df4b82c86cdc0215d9a781ff6498bb17f9f136a8b3f399d74120a
254131b3c393e5f5075c85b954430c9bf6ed6a561f9e5f08df38728c04746c62
2be909c43b740be093f7c91e8cf9a9b2b29801eaaf6680480c42ac807e2e731a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
539c49a1ca8fe488a1cc3fbdbf83f8132e72bb4e1622b61cfcb38e7fd0a25f45
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f2baca238ec6767570e18b8b8500b3df2b876085451d7cd17bccff946061ba2
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
76596611a7d0d27f6d01cf90cd091edc47ab1f99b062befe3f82ddadd3e6922c
78ff6a9e54ef5f77d4d2a53d81e9d08f0e5dd8bc3c3263c212de6ac687adb4c8
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ad0a69bff66172f0cf616cc47229391d24f542dd22ee609a2c36a5778aa1caa
a3616bae3c1eee634f92887fa44c411a9ad7dd8a778dbb306d78ecdc32e32169
a8dd4bea87d4e1a316ea661972233d2b681c8ba3102bbd4b5c2e028f32da67d0
ac881ab22521f4ac608a9e933c7115228450a135c3a475523041dd999b564383
b9fdb5b74dfd5b48b1288ff6e901f5f3b21988143b2713e672ea6a900be6b692
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e0a7873294af0895cb068a19551d2555a4aa52fa813e58a64d96253ed947ab44
e0b6ecb4bb646994aa0c030da6b84cafc825caf7354e8a0ef64d50918e2e3441
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcf62d0452bf8f962b28451c3ced651cf38f947e0e6746b3189efb6cab839d1d

www.vfemail.net Open in urlscan Pro 2606:4700:20::681a:41d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

95 %HTTPS

75 %IPv6

7 Domains

9 Subdomains

8 IPs

1 Countries

524 kBTransfer

1379 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vfemail.net Open in urlscan Pro
2606:4700:20::681a:41d Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

95 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

524 kB
Transfer

1379 kB
Size

8
Cookies

40 HTTP transactions
1 data transactions