a.xyz123.us.kg Open in urlscan Pro
172.67.190.100  Public Scan

39 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CnGj7WZhXZu75Atm_jvQP9YKbsAqcvsDOd6DHy6LdEbGQHxABII71wktgye6Oi8CkjBCgAffim7QoyAEC4AIAqAMByAMIqgS3Ak_QrqEyBy_XK6AcoJFeoWeMk2uFRebvomoupQ8OrhiFYPsnuvKmS7mmJzXVBOVGZSp2GsEeaN6e0tFCZpJHazvQbzNm3FnMvckCN9PeNB7_uL0N7Zcll7haL4qVk24s2josPr5gPxwvyFDkEiC_wCCs8xr9vv2-RIq4yHW-CaRErV1khgxPQg0p0UO0jnVqDgvXqZc7jHiHm11xGiEUAVKf3q4hqRcw5V9saCllO9W-6JyLwe4_scLOfaoo018WL5N2O1nAMw2VG4YPioimDpftPfZS9FWYIUFaIC6RMeND2lPd3CLOW5t_fPnF46IZhBjepgS6X6S6UwaxDjmjMaBu6U2MH84sSPi2gXcmNmYVTAOo5jNNfYXobCmusRlCxfsC6xAEDLQZGf970sWbbCKvNRPjfW6PwATcksD5wQTgBAGIBbO1yJ1NkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQjLkt0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WOTMjsPhs4YDmgk6aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9jYW1wYWlnbj0yMDczMTUzNDAwM4AKA8gLAdoMEQoLEOC34-e1npidqgESAgED4g0TCKfDj8Phs4YDFdmfgwgddcEGptgTDdAVAYAXAbIXHgocCAASFHB1Yi02MjM1ODI0Mjk2NTI0NjY2GIbfJbIYCRICgmgYAiIBAA&sigh=93GAR2s4o6A&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&cbvp=2 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ee6cf1fb87808de0000000000000000%22,%222%22:%220xda1875a338b3f460000000000000000%22,%223%22:%220xb968c661d48560cd0000000000000000%22,%224%22:%220xf389ffc1b7911d200000000000000000%22,%225%22:%220xc1de3606f16d92940000000000000000%22},%22debug_key%22:%2213145661498357861855%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216696251453161853249%22}&andc=true

Request Chain 118

• https://securepubads.g.doubleclick.net/pagead/adview?ai=C6fbXWZhXZu_5Atm_jvQP9YKbsAqZl4yRdrGkjJeoEmQQASCO9cJLYMnujovApIwQoAG4vrabA8gBCakCZt_JRA17qD7gAgCoAwHIAwqqBLkCT9C7-o_S-E2x9DAUpz2f_IV9Q8b0cpFhOy-z_FEYT-v0tHPTvXVHltklPAkuodlXJLdI2twx48847XXPcgzlyV-P3lb7xl7HIKG8UNu_hNrsFDCMVncxcDZTvjfa_8aZpoQLiTHqOFQJTsPGA-3q-plpoALI-Tpm6kRPuH8xoUkMnRlzScwmpdJa4WM2ZT7h3m-fMmLWmNz9QJwsu_pBz-OljJ1zsp56E-SRGUH7y8ihZhFvBO7NzA_tOdQqeRI0LxOXgDe3WL33VkKDJDPqRY-M0vZLgny6bg_AB-7jOE_4bYNXlx62WBzRGPLvP1pCSTgFljfvfCmydNfscJgCapA5czVKdIo0C7wyUk6u3ulxuLy-0gdtZaVAUJXuzPYiE2hdq1G7GLIhslD_S1pYLFywpH4T_AD68cAE36-3w9UE4AQBiAWVo6naTZIFBAgEGAGSBQQIBRgEoAYugAewwclkqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ8J8T0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WOTMjsPhs4YDmglWaHR0cHM6Ly9wYXJ0cy5jYW1zby5jby8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1lY29tbWVyY2VfZW6ACgPICwHaDBEKCxCgyaTmmImwvuoBEgIBA-INEwiow4_D4bOGAxXZn4MIHXXBBqa4E-QD2BMNiBQB0BUBgBcBshceChwIABIUcHViLTYyMzU4MjQyOTY1MjQ2NjYYht8lshgJEgKqThguIgEA&sigh=Qaw2Mg_lm94&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&template_id=484&cbvp=2 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0f11c1a593490740000000000000000%22,%222%22:%220xf9f08fadd41809160000000000000000%22,%223%22:%220xbb617d0cca0bf61d0000000000000000%22,%224%22:%220xc5d1461dc7448f0000000000000000%22,%225%22:%220x4dc4654a54362a9e0000000000000000%22},%22debug_key%22:%2216125941120574960438%22,%22debug_reporting%22:true,%22destination%22:%22https://camso.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862822200%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213546817339037684289%22}&andc=true

Request Chain 119

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CXrWUWZhXZvD5Atm_jvQP9YKbsAqCnN7vd6Ls2f7bEmQQASCO9cJLYMnujovApIwQoAHr9-7SPcgBAuACAKgDAcgDCKoEygJP0KfIbl3P1kxZC4XcLrQJRQ6yyKbOLt9yyIDPBkkgIiz6Dw0xdR8wgCDfZNAbYV44n53kZD9SiAYZa5-VmYQStPfFuajPi1y1P8P1HeKT_09MChJXbajlGz0yZgLlTJCPPGxDFalw4_i7iy-T5fnOCp1IZAJ4u_onyMAkguyZGm9LBT8EMFc2pEcPj-AbmIHbt5Xa0rc-442oMVK3O87_TMLs22PGwSltbPhaX7C3ioctM25y_lTOFGpKyVK3q0mqkyTdBp5OeiQaLbUT8cLglMOhY94o2TFrSHdWzhRBvySEUrGohn9x11pLrrG1o3MKG60mnTz2XeVgRtsRmIhbmNyZxoSm7oKzPztCFEyFX7Ogl2X2-T17orKAvHkmciYWnDnOpX3Lqm8IcaQs1pD7X-TAA3VxHdflz2vSppFmeRRbZzxVomsaphnABNeuwqnnBOAEAYgFjcjrok-SBQQIBBgBkgUECAUYBKAGAoAH66-_shioB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCf207SCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpY5MyOw-GzhgOaCTBodHRwczovL3BkZnRvb2xwcm8uY29tL3BkZj9jaWQ9N3Z4cXNqU2s1VEZzNGNpOTCACgPICwHaDBAKChCgi7iF2p_QxAQSAgED4g0TCKnDj8Phs4YDFdmfgwgddcEGptgTDdAVAYAXAbIXHgocCAASFHB1Yi02MjM1ODI0Mjk2NTI0NjY2GIbfJbIYCRICsV8YAiIBAA&sigh=YoE2arP5Rdc&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&cbvp=2 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc45393872d216e9c0000000000000000%22,%222%22:%220x691059728653c21f0000000000000000%22,%223%22:%220x76e0aa2492fa078f0000000000000000%22,%224%22:%220xa6d1ea405bf956ca0000000000000000%22,%225%22:%220xe64a03b7b37e0cfe0000000000000000%22},%22debug_key%22:%222961067990472370687%22,%22debug_reporting%22:true,%22destination%22:%22https://pdftoolpro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216548346859%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229382749370046621489%22}&andc=true

Request Chain 120

• https://securepubads.g.doubleclick.net/pagead/adview?ai=C_Y-mWZhXZvH5Atm_jvQP9YKbsAq9nYCod5GTxZDDEtrZHhABII71wktgye6Oi8CkjBCgAfedsrs9yAEJ4AIAqAMByAMKqgTPAk_Q1eZzLaDNrALjYSiBmZ_ma03NoJzbGx3NVcBxmt39g2YpEKadtP0VpmhWHZEKKhiy_QvizG2jhCR5TdTdWKdKLV-Rt-L97UW6hV574trLgxkkCYCh118stUBo15JShn0Ye9QsaUFj1RjMCN3jd5WWapW2Bc0ec2UtkBajcRLTfO39QPbkhtVNbfqXtMQ3FF3hA5DF6W0Uhf6lNp_o7GJjlT52FTbrEY4mUsvuka8l7NAS5xO1BmV-WvLH4qFYJ4szRqmkXo_KKaCNLApd3FhxF17HSlpMxLUGSvyQKEwVT9_s97HqUYCvnezE-eN95vX3Hpntoi4xZH1fyH3wkx4BIqzl80FVWHaAjjjNh-bpxNu4vzhlF1uIw83Koz4ds4XBkI-VUd0D8d6-d6s76P-dHjgprkN0wKGWPH2elCqQ4VigC_Pbh44bbUYvjLZawASfrJe91gTgBAGIBYKard9OkgUECAQYAZIFBAgFGASgBi6AB_fVgpsYqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQrZIb0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WOTMjsPhs4YDmgkgaHR0cHM6Ly9yb2NoZXN0ZXJueS5pbWFnZTM2MC5jb22ACgPICwHaDBAKChDA94Ghvr6sslcSAgED4g0TCKrDj8Phs4YDFdmfgwgddcEGprgT5APYEw3QFQGAFwGyFx4KHAgAEhRwdWItNjIzNTgyNDI5NjUyNDY2NhiG3yWyGAkSAqFQGC4iAQA&sigh=N3lQ1m9geuQ&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&template_id=484&cbvp=2 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda2d5261fe2f8f090000000000000000%22,%222%22:%220x14d1e1337ecd14030000000000000000%22,%223%22:%220x5e712eb956c27f9b0000000000000000%22,%224%22:%220x83e312a1f66f0cf40000000000000000%22,%225%22:%220x105153f90626f12a0000000000000000%22},%22debug_key%22:%2213273875965661236622%22,%22debug_reporting%22:true,%22destination%22:%22https://image360.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216499117815%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224251761125998539713%22}&andc=true

Request Chain 121

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CH-aUWZhXZvL5Atm_jvQP9YKbsAqGpIbbdua94o3AEvqd3KDUARABII71wktgye6Oi8CkjBCgAavr-_kCyAEC4AIAqAMByAMIqgTAAk_QMVnw3B3WdlnWu3SKSHBMxtDDBwEWxOJ8tMqnlVbFNU1VBFTC1aiJzn6cc6lpmRQqZYlROSe0t7BCsYuzjHqWhzUOOPmd964BpPV6fQPCCkvO-jERO1Jt9jARzURBafMcsqc8rDcqFQFriEwLnG2AXexcWPhhjYu2fDQPzvW4-BiTNDKvuWkj9qImakQlGMJ6yBTicjXV24Febyu43ta8GkI1xj-ojYWvA2_gi_LDIxCquE4ZXMJ4Nh6PM4KfPYBWVKMcCQu_8VxgkjNy5c_KSUPZwQKARp2QSyCTlAMvQsnACggC8GeZmtxBsxFSHw7YUPFOKP-Qc9wU1EYZIOFgwmPHYuYsCQ_3uELHRjHfZsuzo767_3etcmLAxPFwI7VX1T4b5-j13QF5aheHRqk7DyaE0Z7T5ockDrdzpMZ1wASo6cHDswTgBAGIBcXfo9xLkgUECAQYAZIFBAgFGASgBgKAB7nzzbABqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQsN4R0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WOTMjsPhs4YDmgmLAmh0dHBzOi8vYWJvdXQuY2xhcmlmaW9uLmNvbS9kaXNncmRtLz91dG1fY29udGVudD0xNTEyNzA3NDkzNTImdXRtX3Rlcm09Njk2NDYwOTIzMTExJm1hdGNodHlwZT0mbmV0d29yaz1kJmt3PSZwbGFjZW1lbnQ9YS54eXoxMjMudXMua2cmdGFyZ2V0PSZhZHBvc2l0aW9uPSZ1dG1fY2FtcGFpZ249MjAzMjYxODI4NTMmZmVlZGl0ZW1pZD0mdGFyZ2V0aWQ9JmRldmljZT1jJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzJmltZz0xMTY5NDcyMDYxNzYwODk5NzA3M4AKA8gLAdoMEAoKEMDv6M3mkty-FhICAQPiDRMIq8OPw-GzhgMV2Z-DCB11wQam2BMM0BUBgBcBshceChwIABIUcHViLTYyMzU4MjQyOTY1MjQ2NjYYht8lshgJEgKxZBgCIgEA6BgB&sigh=bhOorER1hNk&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&cbvp=2 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41d855118ee24ba60000000000000000%22,%222%22:%220x62037ed2b1b735dc0000000000000000%22,%223%22:%220xd92b0e4399bb48ce0000000000000000%22,%224%22:%220x734e5bd6c6746c3d0000000000000000%22,%225%22:%220xec7da9b72fd3c8430000000000000000%22},%22debug_key%22:%225250212941892263640%22,%22debug_reporting%22:true,%22destination%22:%22https://clarifion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22792655275%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214929612407868590977%22}&andc=true

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response a.xyz123.us.kg/	68 KB 15 KB	503ms 304ms	Document text/html	172.67.190.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.100 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / WordPress VIP <https://wpvip.com> Resource Hash 9e13ca4a1727a62b10795bd6c7f1a0b067e0a73b97a1c624e6c5680269e14443 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 88b96fc0edc84bc7-BUF content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 May 2024 21:04:23 GMT expires Fri, 01 Dec 2023 18:59:18 GMT fastly-restarts 1 host-header a9130478a60e5f9135f765b23f26593b link <https://www.reference.com/wp-json/>; rel="https://api.w.org/", <https://www.reference.com/wp-json/wp/v2/pages/149>; rel="alternate"; type="application/json", <https://www.reference.com/>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gYasGia6HYNTO7DYh4x4gh%2BSx%2FSmwImCLcd21Q0ltyNENZCo0OhL2PMBnTSyN7CRrvebw4Sh8clXXuk1bypnbU%2FtXZtB9XKhWPmI7doxiO4dKgn8vljtJeaQ%2FP%2F8WXRNg%3D%3D"}],"group":"cf-nel","max_age":604800} rtss 2-6-140 server cloudflare vary Accept-Encoding via 1.1 varnish x-cache HIT, MISS x-cache-hits 0 x-hacker If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header. x-powered-by WordPress VIP <https://wpvip.com> x-rq jfk2 96 185 443 x-served-by cache-nyc-kteb1890036-NYC
GET H2	200	style.min.css www.reference.com/wp-includes/css/dist/block-library/	102 KB 14 KB	83ms 21ms	Stylesheet text/css	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-includes/css/dist/block-library/style.min.css?m=1715117936g Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 85 188 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Tue, 07 May 2024 21:38:56 GMT x-timer S1717016664.557132,VS0,VE3 etag W/"663a9f70-19824" vary Accept-Encoding, x-ua-device x-cache HIT, MISS content-type text/css cache-control max-age=31536000 accept-ranges bytes x-cache-hits 0
GET H2	200	/ www.reference.com/_static/	15 KB 4 KB	249ms 186ms	Stylesheet text/css	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobmhoamlsamwMARKwu5Q== Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq mdw2 96 185 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Tue, 07 May 2024 21:38:57 GMT vary Accept-Encoding x-cache HIT, MISS content-type text/css;charset=utf-8 cache-control max-age=31536000 accept-ranges bytes rtss 2-10-106 fastly-restarts 1 x-cache-hits 0
GET H2	200	related-posts-block-styles.min.css www.reference.com/wp-content/mu-plugins/search/elasticpress/dist/css/	222 B 470 B	82ms 20ms	Stylesheet text/css	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?m=1715115084g Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 85 187 443 via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Tue, 07 May 2024 20:51:24 GMT x-timer S1717016664.557140,VS0,VE3 etag "663a944c-de" vary Accept-Encoding, x-ua-device x-cache HIT, MISS content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 222 x-cache-hits 0
GET H2	200	/ www.reference.com/_static/	79 KB 13 KB	242ms 180ms	Stylesheet text/css	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a9c8e8ceece8a02800e03d57b100ec2fd2ae34b6653a9a8afb7ef1d8eb38e96d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq mdw2 96 184 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Fri, 17 May 2024 16:19:18 GMT vary Accept-Encoding x-cache HIT, MISS content-type text/css;charset=utf-8 cache-control max-age=31536000 accept-ranges bytes rtss 2-10-111 fastly-restarts 1 x-cache-hits 0
GET H2	200	/ Show response www.reference.com/_static/	114 KB 39 KB	241ms 180ms	Script application/javascript	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/_static/??-eJx9jMEKwkAMRH/INBRl9SJ+S6ghZGniutm1+PcW9dBTYeDB8GZwKaA+zf3OgXnNs3N9/zGY+pDjgHsSmEqlxlt5enhjb1jmLuqBRtG4ApnAr0KK4PY9KyQML+UFhNb9za7jeUyndEzpkj+8ZToe Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5830203a000b4c69584f98e41995e4eccf4b17b63e2932a6adff4bb17d7a826b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq mdw2 96 185 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Thu, 23 May 2024 11:27:48 GMT vary Accept-Encoding x-cache HIT, MISS content-type application/javascript cache-control max-age=31536000 accept-ranges bytes rtss 2-10-81 fastly-restarts 1 x-cache-hits 0
GET H2	200	site-logo.svg www.reference.com/wp-content/themes/reference-ask-media/assets/images/	19 KB 7 KB	19ms 18ms	Image image/svg+xml	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/themes/reference-ask-media/assets/images/site-logo.svg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0f9965e06040374e57dbb731f9fcbe99afd671c5d90e048f183984bd5e4eea54 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 85 187 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Mon, 07 Nov 2022 06:47:30 GMT x-timer S1717016664.384073,VS0,VE2 etag W/"6368aa02-4caf" vary Accept-Encoding, x-ua-device x-cache HIT, MISS content-type image/svg+xml cache-control max-age=300, must-revalidate accept-ranges bytes x-cache-hits 0
GET H2	200	iStock-1346932521.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	43 KB 43 KB	83ms 22ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1346932521.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c07782ad283b9d6dae3dbfe6efb3f9d336356e39b18c447ba61e2faa8033567c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.557840,VS0,VE4 etag "c1ee9a7b8d39b48b" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 43994 x-cache-hits 0
GET H2	200	iStock-1398692672-1.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	29 KB 29 KB	18ms 17ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1398692672-1.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 72d55067291052bce934bee467a31ce48a29ff7f1288f2ab1229a9c06a264905 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 86 215 443 via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.578722,VS0,VE2 etag "dce4ac7e6b21ccdd" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 29520 x-cache-hits 0
GET H2	200	iStock-1366538341.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	35 KB 35 KB	19ms 18ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1366538341.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash baf7312fa4804ca3a5cb24cc9797511c70d4ec9cef6ad235f93166471b9fbb68 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.578975,VS0,VE2 etag "c9b955aa4ec3c81e" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 35472 x-cache-hits 0
GET H2	200	iStock-1396593401.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	41 KB 41 KB	17ms 17ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1396593401.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7df92efcde8841f47a0136f26a752bc641907a47fa20568b9fd1818275e51c3c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 87 203 443 via 1.1 varnish date Wed, 29 May 2024 21:04:23 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.599766,VS0,VE1 etag "f5ff6d5a4ef4b539" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 42172 x-cache-hits 0
GET H2	200	script.js Show response cadmus.script.ac/dm9yz90bavn71/	140 KB 48 KB	235ms 153ms	Script application/javascript	2606:4700::6812:1691 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2601dab0909d0dd0a0e71c4bc552123eb3c8679349de64c94013565daef4fd3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding gzip last-modified Wed, 29 May 2024 19:41:00 GMT server cloudflare age 0 etag W/"f72b0671e8d2a568a0b381deccb8c82418137723" vary Accept-Encoding content-type application/javascript cache-control public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400 cf-ray 88b96fc5fd004bc1-BUF
GET H2	200	/ Show response www.reference.com/_static/	45 KB 12 KB	126ms 126ms	Script application/javascript	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/_static/??-eJydkMEOwjAMQ3+IEA1pDA6Ib4m2rLS0adVksM9nEwcOO42bZflZlvFdoM9iLIYlTs6LYiI1rkDJwddCUmVTDIpjXcLHoAfcCRaqFCPN/7Cr6XJ2kYGGGX8StK++bPbYgxMrVh65svRLVJ+QePC0tgm9vCPzWXZw2wfu6dZ0TXs9n7r2Ej7XNnoh Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a6551426dd00b9ae89d824eba9aabb90e8b967fb153c437afeb7309720084f9b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq mdw2 96 185 443 content-encoding gzip via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Fri, 17 May 2024 16:19:18 GMT vary Accept-Encoding x-cache HIT, MISS content-type application/javascript cache-control max-age=31536000 accept-ranges bytes rtss 2-10-106 fastly-restarts 1 x-cache-hits 0
GET H2	200	e-202422.js Show response stats.wp.com/	7 KB 3 KB	88ms 22ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202422.js Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-minify-cache hit x-nc HIT jfk date Wed, 29 May 2024 21:04:24 GMT content-encoding br server nginx x-minify t etag W/14377-1704402356563.6672 vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 alt-svc h3=":443"; ma=86400 expires Wed, 21 May 2025 03:12:27 GMT
GET H2	200	get-header-variable Show response www.reference.com/wp-json/amg/v2/	2 B 699 B	300ms 268ms	XHR application/json	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-json/amg/v2/get-header-variable Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJx9jMEKwkAMRH/INBRl9SJ+S6ghZGniutm1+PcW9dBTYeDB8GZwKaA+zf3OgXnNs3N9/zGY+pDjgHsSmEqlxlt5enhjb1jmLuqBRtG4ApnAr0KK4PY9KyQML+UFhNb9za7jeUyndEzpkj+8ZToe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding gzip x-content-type-options nosniff via 1.1 varnish x-cache MISS, MISS fastly-restarts 1 x-served-by cache-yyz4531-YYZ x-rq yyz2 85 187 443 allow GET access-control-allow-methods OPTIONS, GET, POST, PUT, PATCH, DELETE content-type application/json; charset=UTF-8 access-control-allow-origin https://a.xyz123.us.kg access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true vary Accept-Encoding, Origin, x-ua-device accept-ranges bytes x-robots-tag noindex link <https://www.reference.com/wp-json/>; rel="https://api.w.org/" access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type x-cache-hits 0
GET H2	200	gtm.js Show response www.googletagmanager.com/	460 KB 120 KB	137ms 58ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KMFC6W2 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ea660c1013df3a273c6f69debd310a032b26a9ea87c5a8c8cb69c67fcc920e63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 122615 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 May 2024 21:04:24 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/	15 KB 15 KB	40ms 38ms	Font application/font-woff2	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT via 1.1 varnish, 1.1 varnish x-cache HIT, MISS, MISS content-length 15688 x-served-by cache-yyz4531-YYZ, cache-yyz4531-YYZ x-rq yyz2 85 188 443 last-modified Mon, 07 Nov 2022 06:47:30 GMT x-timer S1717016664.436038,VS0,VE23 etag "6368aa02-3d48" vary Accept-Encoding, x-ua-device access-control-allow-methods GET, HEAD content-type application/font-woff2 access-control-allow-origin * cache-control max-age=300, must-revalidate accept-ranges bytes x-cache-hits 0, 0
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/	15 KB 16 KB	18ms 16ms	Font application/font-woff2	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT via 1.1 varnish x-cache HIT, MISS content-length 15720 x-served-by cache-yyz4531-YYZ x-rq yyz2 85 187 443 last-modified Mon, 07 Nov 2022 06:47:30 GMT x-timer S1717016664.436003,VS0,VE2 etag "6368aa02-3d68" vary Accept-Encoding, x-ua-device access-control-allow-methods GET, HEAD content-type application/font-woff2 access-control-allow-origin * cache-control max-age=300, must-revalidate accept-ranges bytes x-cache-hits 0
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/	16 KB 16 KB	22ms 21ms	Font application/font-woff2	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-content/themes/reference-ask-media/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.reference.com/_static/??-eJyVjsEOgjAQRH/IdYMJogfjt5QyVEJbSHeJ8e+paAxGLl5ndt5bvo9kh6iIyqOfXBeFjfQBTWfI1VT7wfbPSKDCVr7bNuXp+2afyx1v4IIRRSITHL2iNW0h/Ez1hgDhhBYJ0YKylBYriz48/hmsZBs1fR64hktRFeX5eKjK0wytaWeP Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT via 1.1 varnish x-cache HIT, MISS content-length 15920 x-served-by cache-yyz4531-YYZ x-rq yyz2 85 188 443 last-modified Mon, 07 Nov 2022 06:47:30 GMT x-timer S1717016664.436349,VS0,VE3 etag "6368aa02-3e30" vary Accept-Encoding, x-ua-device access-control-allow-methods GET, HEAD content-type application/font-woff2 access-control-allow-origin * cache-control max-age=300, must-revalidate accept-ranges bytes x-cache-hits 0
GET H2	200	iStock-1213781338-2.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	50 KB 50 KB	24ms 17ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1213781338-2.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e277c94becd99ae81f21d041927484dfaf3f6d24137eb9983f01602e546ae2d4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 86 167 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.425735,VS0,VE2 etag "708f6ade98d2b672" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 50994 x-cache-hits 0
GET H2	200	iStock-1355996462.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	42 KB 42 KB	28ms 22ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1355996462.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b1a794c013de46cec9395d4d66e05d269aadc050e6cf8b2605bee31b0daea1eb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 86 83 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 05:20:38 GMT x-timer S1717016664.425719,VS0,VE2 etag "0b3c31a71dc9ef5b" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 42670 x-cache-hits 0
GET H2	200	iStock-1350649351.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	35 KB 35 KB	50ms 43ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1350649351.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 879d45e43c4749887170a569e384b04e1ce38ac6e0920152b0f512336fe47834 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 86 83 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:50 GMT x-timer S1717016664.427565,VS0,VE4 etag "0bf943c11d3d5de7" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 36132 x-cache-hits 0
GET H2	200	iStock-1387867380.jpg www.reference.com/wp-content/uploads/sites/2/2023/03/	18 KB 18 KB	50ms 44ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/03/iStock-1387867380.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1098345d76ced061948299659c7f5dc84538f783e5b5b2ed0bbc1a96c1cd47b8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427587,VS0,VE4 etag "032e24d6b0c15251" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 18780 x-cache-hits 0
GET H2	200	iStock-1153990996.jpg www.reference.com/wp-content/uploads/sites/2/2023/02/	35 KB 36 KB	38ms 32ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/iStock-1153990996.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5996761cb08e0421cb2b9f92da2e9e7449dbaf06257fee29a40a4231af5924f3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427538,VS0,VE4 etag "9bbb888c81e03353" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 36258 x-cache-hits 0
GET H2	200	iStock-1153675389.jpg www.reference.com/wp-content/uploads/sites/2/2023/02/	29 KB 29 KB	33ms 27ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/iStock-1153675389.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0abaae1baf4a2307361aa3e73add18096f8f6104a2061add99da520a4f4585ef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 87 107 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427528,VS0,VE4 etag "5ed73efbaaa33e7e" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 30002 x-cache-hits 0
GET H2	200	AdobeStock_404528099.jpeg www.reference.com/wp-content/uploads/sites/2/2023/02/	21 KB 22 KB	38ms 33ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/AdobeStock_404528099.jpeg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 736d4354d5ae04019d8d5e99581113d1023cde8f3a9e2b125df761ba40e51fb1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427478,VS0,VE4 etag "c0596ea4b77bf931" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 21930 x-cache-hits 0
GET H2	200	AdobeStock_429015029.jpeg www.reference.com/wp-content/uploads/sites/2/2023/02/	20 KB 20 KB	60ms 55ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/AdobeStock_429015029.jpeg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3eb4490eefa951fc80290a7043c5dff672c1e83d956c49caa943894362db5d50 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 87 95 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427507,VS0,VE6 etag "b517ac9673b72920" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 20052 x-cache-hits 0
GET H2	200	iStock-623536458.jpg www.reference.com/wp-content/uploads/sites/2/2023/02/	37 KB 37 KB	37ms 32ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/iStock-623536458.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e323cc42097560474bb93ca79c4aac7b0f8e474ac457bf17569c35b8863af2f1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.427407,VS0,VE4 etag "d70b78405c6e541c" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 37738 x-cache-hits 0
GET H2	200	iStock-879085778.jpg www.reference.com/wp-content/uploads/sites/2/2022/10/	65 KB 66 KB	27ms 23ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2022/10/iStock-879085778.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e48cd16f57db1e435a577471d3acfda194b43af883dd2be1b776a1b43c05bc10 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 07:21:20 GMT x-timer S1717016664.427437,VS0,VE2 etag "257a62f06c624b29" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 67056 x-cache-hits 0
GET H2	200	iStock-1059357936.jpg www.reference.com/wp-content/uploads/sites/2/2022/10/	19 KB 19 KB	64ms 60ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2022/10/iStock-1059357936.jpg Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cc70fffd4e5559cef269130a206d6078c9aa76408ebdf3385eb9b5b1fddea6e6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 07:21:20 GMT x-timer S1717016664.440817,VS0,VE2 etag "be5030c0843c5467" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 19722 x-cache-hits 0
GET H2	200	iStock-157593982-1.jpg www.reference.com/wp-content/uploads/sites/2/2023/02/	4 KB 5 KB	70ms 67ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/iStock-157593982-1.jpg?w=150&h=150&crop=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 20cd1232a19c4b0b386d7879de60ed0eea5d4493a08f72f825be738d4ecd80b6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 86 167 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:50 GMT x-timer S1717016664.440777,VS0,VE6 etag "a0391fe711c9b3ff" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 4532 x-cache-hits 0
GET H2	200	iStock-1168900911.jpg www.reference.com/wp-content/uploads/sites/2/2023/02/	4 KB 4 KB	60ms 57ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/02/iStock-1168900911.jpg?w=150&h=150&crop=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8cb26e8d509b9499705eac8e6c2142d8a16e2c0c20681c5e64357886f722333f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:51 GMT x-timer S1717016664.440746,VS0,VE2 etag "503434d7b9aa5c37" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 3874 x-cache-hits 0
GET H2	200	iStock-1319106362.jpg www.reference.com/wp-content/uploads/sites/2/2023/01/	4 KB 4 KB	69ms 66ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/01/iStock-1319106362.jpg?w=150&h=150&crop=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9873649f7c27f4a71cffcdeac5d0d86a7583e733a4680e0eb926ba50e45a1608 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:50 GMT x-timer S1717016664.440777,VS0,VE4 etag "73e5218378469968" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 4088 x-cache-hits 0
GET H2	200	iStock-1306374807.jpg www.reference.com/wp-content/uploads/sites/2/2023/01/	4 KB 4 KB	62ms 60ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/01/iStock-1306374807.jpg?w=150&h=150&crop=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e52db5593be251200fbd5fe3d675d349abf846dc1a3a2fdb0bf2389ba845290c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:50 GMT x-timer S1717016664.440724,VS0,VE2 etag "e50fc31da08826f3" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 3772 x-cache-hits 0
GET H2	200	iStock-1350859272-1.jpg www.reference.com/wp-content/uploads/sites/2/2023/01/	6 KB 6 KB	67ms 65ms	Image image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.reference.com/wp-content/uploads/sites/2/2023/01/iStock-1350859272-1.jpg?w=150&h=150&crop=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 49cfd82341bf0fe0056e51cab532a1835a570541bd03d6e2c3c4c42310784097 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 86 443 via 1.1 varnish date Wed, 29 May 2024 21:04:24 GMT last-modified Thu, 09 May 2024 09:31:50 GMT x-timer S1717016664.440734,VS0,VE2 etag "2716d97654e548fd" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 6342 x-cache-hits 0
POST H2	200	1a Show response i.clean.gg/	0 104 B	42ms 41ms	XHR application/octet-stream	34.95.69.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Wed, 29 May 2024 21:04:24 GMT via 1.1 google server nginx/1.21.6 access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H2	204	1a i.clean.gg/ Frame	0 0	125ms 41ms	Preflight text/plain	34.95.69.49 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.21.6 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://a.xyz123.us.kg Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=utf-8 date Wed, 29 May 2024 21:04:24 GMT server nginx/1.21.6 via 1.1 google
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	91 KB 29 KB	178ms 104ms	Script text/javascript	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1717016664053 Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash 2648b47f9722a96bf15e087ccfa33a4be429cc2c9c3d60b6b100542df778f2b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29690 x-xss-protection 0 server cafe etag 243 / 19872 / 31084054 / config-hash: 11236395582249326280 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 29 May 2024 21:04:24 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 177 B	28ms 22ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=197398097&post=149&tz=-7&srv=www.reference.com&hp=vip&j=1%3A13.1.3&host=a.xyz123.us.kg&ref=&fcp=1456&rand=0.8302354196235535 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 29 May 2024 21:04:24 GMT cache-control no-cache server nginx alt-svc h3=":443"; ma=86400 content-length 50 content-type image/gif
GET H2	200	js Show response www.googletagmanager.com/gtag/	245 KB 87 KB	65ms 64ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JWGLYE8PG5&l=dataLayer&cx=c Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef1a3ccc55ec77cf6243cd666e4fce2924ba0889d0c1af0a3860f64f38fa20b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88488 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 May 2024 21:04:24 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	83ms 15ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 29 May 2024 19:38:27 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5157 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 29 May 2024 21:38:27 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405230101/	452 KB 141 KB	35ms 34ms	Script text/javascript	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405230101/pubads_impl.js?cb=31084054 Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash ae1d946d7305119960251e362f5bf0ca500511b0f438cf0183e9af1c5ed86684 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 10:01:33 GMT content-encoding br x-content-type-options nosniff age 39771 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144540 x-xss-protection 0 server cafe etag 7094345049347505924 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 29 May 2025 10:01:33 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	68 B 83 B	133ms 85ms	XHR application/json	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=a.xyz123.us.kg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1717016664053 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash 8fe4dbf9d8bc6a704ced70b558340cc4eded16bf6bdecac11fcd0b81407bc127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59 x-xss-protection 0 expires Wed, 29 May 2024 21:04:24 GMT
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	18ms 17ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:03:36 GMT content-encoding br x-content-type-options nosniff age 48 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 29 May 2024 22:03:36 GMT
POST H2	204	collect www.google-analytics.com/g/	0 171 B	38ms 38ms	Ping text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-JWGLYE8PG5&gtm=45je45m0v9172111975z8840475645za200zb840475645&_p=1717016664370&gcd=13l3l3l3l1&npa=0&dma=0&cid=801587339.1717016665&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sid=1717016664&sct=1&seg=0&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&en=page_view&_fv=1&_ss=1&ep.acquisition_division=dirN&ep.agency=&ep.experience=home&ep.full_url=https%3A%2F%2Fa.xyz123.us.kg%2F&ep.hit_timestamp=2024-05-29%2011%3A04%3A24.624%20GMT-1000(HST)&ep.immediate_referrer_page=&ep.archie_experience=IACOrganic&ep.locale=en-US&epn.local_hour=11&ep.o_code=600605&ep.page_view_id=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&ep.g_style_id=6567741694&epn.page_number=1&ep.page_type=home&ep.product=reference.com&ep.app_name=wpvip_reference&ep.dark_mode=light&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&ep.gtm_tag_name=GA%20Page%20View%20-%20Core%20Page%20View&tfd=1854 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JWGLYE8PG5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 21:04:24 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a.xyz123.us.kg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 23 B	48ms 47ms	XHR text/plain	216.239.36.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1574057745&t=pageview&_s=1&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjAAAAACAFK~&jid=141382349&gjid=1296327146&cid=801587339.1717016665&tid=UA-190343097-163&_gid=2059409406.1717016665&_slc=1&gtm=45He45m0n81KMFC6W2v840475645za200&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fa.xyz123.us.kg%2F&cd12=2024-05-29%2011%3A04%3A24.659%20GMT-1000(HST)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=11&cd18=600605&cd19=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&cd27=6567741694&cd29=1&cd30=Reference.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=reference.com&cd39=GA%20Page%20View%20-%20Core%20Page%20View&cd57=wpvip_reference&gcd=13l3l3l3l1&dma=0&cd10=801587339.1717016665&z=791261176 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.36.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 29 May 2024 21:04:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a.xyz123.us.kg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 346 B	117ms 40ms	XHR text/plain	2607:f8b0:4004:c0b::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-190343097-163&cid=801587339.1717016665&jid=141382349&gjid=1296327146&_gid=2059409406.1717016665&_u=aGBAgUAjAAAAAGAFKAC~&z=2090132339 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 29 May 2024 21:04:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a.xyz123.us.kg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	33ms 33ms	Image image/gif	216.239.36.178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1574057745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=trending%20article%20impressions&el=home&_u=aHDAgUAjAAAAAGAFKAC~&jid=&gjid=&cid=801587339.1717016665&tid=UA-190343097-163&_gid=2059409406.1717016665&gtm=45He45m0n81KMFC6W2v840475645za200&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fa.xyz123.us.kg%2F&cd12=2024-05-29%2011%3A04%3A24.701%20GMT-1000(HST)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=11&cd18=600605&cd19=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&cd27=6567741694&cd29=1&cd30=Reference.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=reference.com&cd39=GA%20Event%20-%20Content%20-%20Trending%20Article%20Impressions&cd57=wpvip_reference&gcd=13l3l3l3l1&dma=0&cd10=801587339.1717016665&cm61=5&cm82=5&z=332228574 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.36.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 07:36:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 48460 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	34ms 33ms	Image image/gif	216.239.36.178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1574057745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=article%20tile%20impressions&el=home&_u=aHDAgUAjAAAAAGAFKAC~&jid=&gjid=&cid=801587339.1717016665&tid=UA-190343097-163&_gid=2059409406.1717016665&gtm=45He45m0n81KMFC6W2v840475645za200&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fa.xyz123.us.kg%2F&cd12=2024-05-29%2011%3A04%3A24.717%20GMT-1000(HST)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=11&cd18=600605&cd19=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&cd27=6567741694&cd29=1&cd30=Reference.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=reference.com&cd39=GA%20Event%20-%20Content%20-%20Article%20Tile%20Impressions&cd57=wpvip_reference&gcd=13l3l3l3l1&dma=0&cd10=801587339.1717016665&cm82=37&cm58=27&z=1369511889 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.36.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 07:36:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 48460 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	34ms 33ms	Image image/gif	216.239.36.178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1574057745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=general%20impressions&el=https%3A%2F%2Fa.xyz123.us.kg%2F&_u=aHDAgUAjAAAAAGAFKAC~&jid=&gjid=&cid=801587339.1717016665&tid=UA-190343097-163&_gid=2059409406.1717016665&gtm=45He45m0n81KMFC6W2v840475645za200&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fa.xyz123.us.kg%2F&cd12=2024-05-29%2011%3A04%3A24.725%20GMT-1000(HST)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=11&cd18=600605&cd19=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&cd27=6567741694&cd29=1&cd30=Reference.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=reference.com&cd39=GA%20Event%20-%20Content%20-%20General%20Impressions&cd57=wpvip_reference&gcd=13l3l3l3l1&dma=0&cd10=801587339.1717016665&cm82=37&cm1=1&cm2=1&cm3=1&cm55=1&cm57=1&cm63=0&cm64=0&cm66=5&z=86502917 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.36.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 07:36:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 48460 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	273 KB 29 KB	978ms 978ms	Fetch text/plain	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3423024977816436&correlator=2116650452048537&eid=31083899%2C31084074%2C31084054%2C31079527%2C31078668&output=ldjh&gdfp_req=1&vrg=202405230101&ptt=17&impl=fifs&iu_parts=322166814%2CPL_Index_Content_AdX%2CPL_Index_Content_AdX_Mid_Rail_4%2CPL_Index_Content_AdX_Mid_Rail_5%2CPL_Index_Content_AdX_Mid_Rail_3%2CPL_Index_Content_AdX_RightRail_Mid_1%2CPL_Index_Content_AdX_Right_Rail_Mid_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=300x50%7C320x50%7C468x60%7C234x60%7C728x90%2C728x90%7C300x50%7C234x60%7C320x50%7C468x60%2C320x50%7C300x50%7C234x60%7C468x60%7C728x90%2C125x125%7C250x250%7C120x240%7C300x50%7C300x100%7C200x200%7C300x250%7C234x60%7C180x150%2C180x150%7C300x50%7C234x60%7C300x100%7C200x200%7C125x125%7C250x250%7C300x250%7C120x240&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1717016664919&lmt=1717016664&adxs=494%2C280%2C484%2C1161%2C1134&adys=843%2C1699%2C2292%2C525%2C535&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fa.xyz123.us.kg%2F&vis=1&psz=817x0%7C847x2221%7C847x2221%7C282x0%7C282x0&msz=817x0%7C817x0%7C817x0%7C282x0%7C282x0&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600&ga_vid=801587339.1717016665&ga_sid=1717016665&ga_hid=1574057745&ga_fc=true&ga_cid=2059409406.1717016665&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717016663480&idt=1393&adks=2548388865%2C4230988519%2C2520782232%2C3487825885%2C2557851464&frm=20&eoidce=1 Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash 22965a45c894f36fe3dc0ca9eec854c6956596a47d7025b13f007a1534c4e8c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:25 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29799 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://a.xyz123.us.kg access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 27aecc1aebfe23aac2c17eb23236d9e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2603	0 0	129ms 42ms	Document text/html	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://27aecc1aebfe23aac2c17eb23236d9e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 29 May 2024 21:04:25 GMT expires Wed, 29 May 2024 21:04:25 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ard.png Show response a.xyz123.us.kg/__ssobj/	0 650 B	134ms 134ms	XHR text/javascript	172.67.190.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.xyz123.us.kg/__ssobj/ard.png?7374530414859386346_1-801-1717016663&n=1 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.100 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cache-hits 0, 0 date Wed, 29 May 2024 21:04:25 GMT via 1.1 varnish, 1.1 varnish cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS, MISS rtss 2-6-21 content-length 0 sbss 1 x-served-by cache-ewr18154-EWR, cache-ewr18134-EWR pragma no-cache alt-svc h3=":443"; ma=86400 last-modified Fri, 13 Oct 2023 14:55:40 GMT server cloudflare x-timer S1717016665.065436,VS0,VE42 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iY%2B9WE10KT47O4Qu7ICMsqkkiiHhCZh%2Feh8JGCHR3jm%2FWA3Uqf6i5Y8AdZI%2FcJ64%2F08U4Tq5dxRpmuEDx1vNzN9G9%2FtFpysIFHxeL52fVw96Kwgm%2FeA4lxd%2FKoBRrprO2g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate accept-ranges bytes cf-ray 88b96fcc3c3a4bc7-BUF expires -1
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 12 KB	196ms 119ms	XHR application/json	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405230101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405230101/pubads_impl.js?cb=31084054 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash edbe7fe6493b9b1eec0e5d1137ec028ceff7a28b02f5ac094d344809cb6155b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12766 x-xss-protection 0
GET H2	200	cropped-favicon-2.png www.reference.com/wp-content/uploads/sites/2/2021/10/	890 B 1012 B	18ms 18ms	Other image/webp	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.reference.com/wp-content/uploads/sites/2/2021/10/cropped-favicon-2.png?w=32 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0e6e79e96976ede0a6b67024fab8770dbc8aa49a5383d529abe2c8a7d552d12e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4581-YYZ x-rq yyz2 80 130 443 via 1.1 varnish date Wed, 29 May 2024 21:04:25 GMT last-modified Thu, 09 May 2024 05:20:41 GMT x-timer S1717016665.102786,VS0,VE2 etag "5a0c7dcc1325490c" vary Accept, x-ua-device x-cache HIT, MISS content-type image/webp cache-control max-age=31536000 accept-ranges bytes, bytes content-length 890 x-cache-hits 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	133ms 64ms	Script text/javascript	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 21:04:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 29 May 2024 21:04:25 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB53	0 0	89ms 28ms	Document text/html	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 42513 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 29 May 2024 09:15:52 GMT expires Thu, 29 May 2025 09:15:52 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame A4CD	0 0	134ms 56ms	Document text/html	142.250.65.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.196 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-agmCjotQrKc3OHfGitTvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-agmCjotQrKc3OHfGitTvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 29 May 2024 21:04:25 GMT expires Wed, 29 May 2024 21:04:25 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	_page_view Show response a.xyz123.us.kg/	0 496 B	91ms 91ms	XHR text/plain	172.67.190.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.xyz123.us.kg/_page_view?pt=home&pageViewId=bc6c03a5-8f59-42fa-894b-96ef0d800f0c&pd=reference.com&fullUrl=https%3A%2F%2Fa.xyz123.us.kg%2F&ad=dirN&lc=en-US&gsid=6567741694&eid=1717016665586&url=https%253A%252F%252Fa.xyz123.us.kg%252F&tmtry=false Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJx9jMEKwkAMRH/INBRl9SJ+S6ghZGniutm1+PcW9dBTYeDB8GZwKaA+zf3OgXnNs3N9/zGY+pDjgHsSmEqlxlt5enhjb1jmLuqBRtG4ApnAr0KK4PY9KyQML+UFhNb9za7jeUyndEzpkj+8ZToe Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.190.100 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept */* Referer https://a.xyz123.us.kg/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers x-cache-hits 0 date Wed, 29 May 2024 21:04:25 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-timer S1717016666.668010,VS0,VE1 vary Accept-Encoding x-cache HIT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGYjPPJhbh8xy3CoLmju2eG%2BVlMcvOfeWcuHCIsff1%2BaP4Lehbz%2BgQQML%2ByxyQ%2FMp0QPv21dnj6GlDozD3VPLctKOVUSnrFkvW4nWgSeHXv%2FgjMrdyDtlKZ5EiE7EhoCMg%3D%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 88b96fcffe414bc7-BUF alt-svc h3=":443"; ma=86400 retry-after 0 x-served-by cache-ewr18163-EWR
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012405101652000/ Frame 5E65	196 KB 56 KB	132ms 29ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/amp4ads-v0.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bcd7f7c00dc1726620982243dbd44c449cfe6ed8ef453f259f9792e57f6688b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 05:34:25 GMT age 487801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56069 x-xss-protection 0 server sffe etag "34563da1c73ccd0c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:34:25 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 5E65	15 KB 5 KB	173ms 71ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-ad-exit-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e97a12e1aab95c9eb8c418eb72b826aceb025bee7b9f037c684b818648fb453 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 05:30:50 GMT age 488016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "3d288e2c3c48752d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:30:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 5E65	95 KB 28 KB	176ms 74ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-analytics-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37b8e715cfb46f0ef2cccc7f648ecb7e6e30328fd59e3e0b5bbc095e356ee30b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 05:25:05 GMT age 488361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29032 x-xss-protection 0 server sffe etag "e92040d23ff8ecb1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:25:05 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 5E65	5 KB 2 KB	192ms 90ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-fit-text-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8d3d61a786370308a294ad9236dd9fe016542af1f4d430e542aeeede87c8015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 05:22:38 GMT age 488508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "3fbc3dcbf96de901" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:22:38 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 5E65	40 KB 13 KB	187ms 86ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-form-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 968efc1e46e966f859a7eb9b25e07f1d516f6287d136dfd09362a13919539d15 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 05:21:48 GMT age 488558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "5142532377b4a63a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:21:48 GMT
GET DATA	200 OK	truncated / Frame 5E65	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e4ee3dff8e40cec8a03f7c544fdfcf1506e7eb4f934d8bbb1f47c1cba58f43a Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	10102276184515459258 tpc.googlesyndication.com/daca_images/simgad/ Frame 5E65	10 KB 11 KB	33ms 31ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/10102276184515459258 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48b66dbbad5c7652ce90194a88e830ffc31c2c8f524388500d56ed06f9b9f8fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sat, 24 May 2025 05:21:17 GMT date Fri, 24 May 2024 05:21:17 GMT x-content-type-options nosniff age 488588 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10573 x-xss-protection 0 last-modified Wed, 04 Oct 2023 17:39:50 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E65	2 KB 3 KB	31ms 31ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:51:02 GMT x-content-type-options nosniff server cafe age 47603 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 May 2024 07:51:02 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E65	295 B 539 B	30ms 30ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:47:36 GMT x-content-type-options nosniff server cafe age 15409 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 May 2024 16:47:36 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012405101652000/ Frame A55A	196 KB 0	69ms 69ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/amp4ads-v0.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bcd7f7c00dc1726620982243dbd44c449cfe6ed8ef453f259f9792e57f6688b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:34:25 GMT age 487801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56069 x-xss-protection 0 server sffe etag "34563da1c73ccd0c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:34:25 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame A55A	15 KB 0	72ms 72ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-ad-exit-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e97a12e1aab95c9eb8c418eb72b826aceb025bee7b9f037c684b818648fb453 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:30:50 GMT age 488016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "3d288e2c3c48752d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:30:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame A55A	95 KB 0	75ms 75ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-analytics-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37b8e715cfb46f0ef2cccc7f648ecb7e6e30328fd59e3e0b5bbc095e356ee30b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:25:05 GMT age 488361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29032 x-xss-protection 0 server sffe etag "e92040d23ff8ecb1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:25:05 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame A55A	5 KB 0	93ms 93ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-fit-text-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8d3d61a786370308a294ad9236dd9fe016542af1f4d430e542aeeede87c8015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:22:38 GMT age 488508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "3fbc3dcbf96de901" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:22:38 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame A55A	40 KB 0	92ms 92ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-form-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 968efc1e46e966f859a7eb9b25e07f1d516f6287d136dfd09362a13919539d15 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:21:48 GMT age 488558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "5142532377b4a63a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:21:48 GMT
GET H2	200	css fonts.googleapis.com/ Frame A55A	4 KB 752 B	127ms 51ms	Stylesheet text/css	2607:f8b0:4006:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 29 May 2024 21:04:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 May 2024 20:16:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 May 2024 21:04:26 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame A55A	2 KB 0	0ms 0ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:51:02 GMT x-content-type-options nosniff server cafe age 47603 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 May 2024 07:51:02 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame A55A	295 B 0	1ms 1ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:47:36 GMT x-content-type-options nosniff server cafe age 15409 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 May 2024 16:47:36 GMT
GET H3	200	6592766407814317453 tpc.googlesyndication.com/simgad/14372950733764542273/ Frame A55A	51 KB 51 KB	28ms 27ms	Image image/jpeg	142.251.40.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14372950733764542273/6592766407814317453 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.129 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f1.1e100.net Software sffe / Resource Hash cd72f0d6615c3303b470335df5f945ca5c23be3dc8e19020ff5ee570f555ccd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Thu, 29 May 2025 19:27:21 GMT date Wed, 29 May 2024 19:27:21 GMT x-content-type-options nosniff age 5825 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52445 x-xss-protection 0 last-modified Tue, 12 Dec 2023 15:55:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/5581723050836765683/ Frame A55A	2 KB 2 KB	25ms 24ms	Image image/jpeg	142.251.40.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5581723050836765683/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.129 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f1.1e100.net Software sffe / Resource Hash e8552e72b76949f607c0354292dd914473bee452952f2b1b4e762c15c7266849 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sat, 24 May 2025 08:17:11 GMT date Fri, 24 May 2024 08:17:11 GMT x-content-type-options nosniff age 478035 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2302 x-xss-protection 0 last-modified Tue, 12 Dec 2023 15:55:38 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame A55A	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6d2d50de72398e312d44d9f190647e529abf18da6b797d5ed30ed93d14d1d3ab Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012405101652000/ Frame 0F66	196 KB 0	35ms 35ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/amp4ads-v0.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bcd7f7c00dc1726620982243dbd44c449cfe6ed8ef453f259f9792e57f6688b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:34:25 GMT age 487801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56069 x-xss-protection 0 server sffe etag "34563da1c73ccd0c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:34:25 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 0F66	15 KB 0	74ms 74ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-ad-exit-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e97a12e1aab95c9eb8c418eb72b826aceb025bee7b9f037c684b818648fb453 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:30:50 GMT age 488016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "3d288e2c3c48752d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:30:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 0F66	95 KB 0	76ms 76ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-analytics-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37b8e715cfb46f0ef2cccc7f648ecb7e6e30328fd59e3e0b5bbc095e356ee30b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:25:05 GMT age 488361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29032 x-xss-protection 0 server sffe etag "e92040d23ff8ecb1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:25:05 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 0F66	5 KB 0	101ms 101ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-fit-text-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8d3d61a786370308a294ad9236dd9fe016542af1f4d430e542aeeede87c8015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:22:38 GMT age 488508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "3fbc3dcbf96de901" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:22:38 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 0F66	40 KB 0	100ms 99ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-form-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 968efc1e46e966f859a7eb9b25e07f1d516f6287d136dfd09362a13919539d15 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:21:48 GMT age 488558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "5142532377b4a63a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:21:48 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F66	2 KB 0	2ms 2ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:51:02 GMT x-content-type-options nosniff server cafe age 47603 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 May 2024 07:51:02 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F66	295 B 0	2ms 2ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:47:36 GMT x-content-type-options nosniff server cafe age 15409 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 May 2024 16:47:36 GMT
GET DATA	200 OK	truncated / Frame 0F66	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cca01c59526f1b67ad3bbd66983c949b6fb86a89b862a132a44aa490c3111f94 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012405101652000/ Frame 7C82	196 KB 0	3ms 3ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/amp4ads-v0.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bcd7f7c00dc1726620982243dbd44c449cfe6ed8ef453f259f9792e57f6688b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:34:25 GMT age 487801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56069 x-xss-protection 0 server sffe etag "34563da1c73ccd0c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:34:25 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 7C82	15 KB 0	46ms 46ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-ad-exit-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e97a12e1aab95c9eb8c418eb72b826aceb025bee7b9f037c684b818648fb453 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:30:50 GMT age 488016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "3d288e2c3c48752d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:30:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 7C82	95 KB 0	47ms 47ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-analytics-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37b8e715cfb46f0ef2cccc7f648ecb7e6e30328fd59e3e0b5bbc095e356ee30b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:25:05 GMT age 488361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29032 x-xss-protection 0 server sffe etag "e92040d23ff8ecb1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:25:05 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 7C82	5 KB 0	74ms 74ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-fit-text-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8d3d61a786370308a294ad9236dd9fe016542af1f4d430e542aeeede87c8015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:22:38 GMT age 488508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "3fbc3dcbf96de901" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:22:38 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 7C82	40 KB 0	73ms 73ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-form-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 968efc1e46e966f859a7eb9b25e07f1d516f6287d136dfd09362a13919539d15 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:21:48 GMT age 488558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "5142532377b4a63a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:21:48 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7C82	6 KB 1 KB	56ms 50ms	Stylesheet text/css	2607:f8b0:4006:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 29 May 2024 21:04:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 May 2024 20:31:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 May 2024 21:04:26 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C82	2 KB 0	1ms 1ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:51:02 GMT x-content-type-options nosniff server cafe age 47603 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 May 2024 07:51:02 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C82	295 B 0	1ms 1ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:47:36 GMT x-content-type-options nosniff server cafe age 15409 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 May 2024 16:47:36 GMT
GET H3	200	2076313506083323656 tpc.googlesyndication.com/simgad/3470022690381396843/ Frame 7C82	44 KB 44 KB	27ms 24ms	Image image/jpeg	142.251.40.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3470022690381396843/2076313506083323656 Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.129 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f1.1e100.net Software sffe / Resource Hash 5b5a595043c072655c7540389371a68655443e655d9bf55fb272c26ce33deae0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Thu, 29 May 2025 20:45:22 GMT date Wed, 29 May 2024 20:45:22 GMT x-content-type-options nosniff age 1144 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45215 x-xss-protection 0 last-modified Tue, 26 Mar 2024 18:46:28 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame 7C82	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ffa7ccb1e4c9b249eaa1004e3fb22f32b74f65b3129829c113c971671954fb7 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012405101652000/ Frame 2D50	196 KB 0	4ms 4ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/amp4ads-v0.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bcd7f7c00dc1726620982243dbd44c449cfe6ed8ef453f259f9792e57f6688b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:34:25 GMT age 487801 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56069 x-xss-protection 0 server sffe etag "34563da1c73ccd0c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:34:25 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 2D50	15 KB 0	5ms 5ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-ad-exit-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e97a12e1aab95c9eb8c418eb72b826aceb025bee7b9f037c684b818648fb453 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:30:50 GMT age 488016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "3d288e2c3c48752d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:30:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 2D50	95 KB 0	5ms 5ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-analytics-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37b8e715cfb46f0ef2cccc7f648ecb7e6e30328fd59e3e0b5bbc095e356ee30b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:25:05 GMT age 488361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29032 x-xss-protection 0 server sffe etag "e92040d23ff8ecb1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:25:05 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 2D50	5 KB 0	15ms 15ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-fit-text-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8d3d61a786370308a294ad9236dd9fe016542af1f4d430e542aeeede87c8015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:22:38 GMT age 488508 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1904 x-xss-protection 0 server sffe etag "3fbc3dcbf96de901" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:22:38 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012405101652000/v0/ Frame 2D50	40 KB 0	14ms 14ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012405101652000/v0/amp-form-0.1.mjs Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 968efc1e46e966f859a7eb9b25e07f1d516f6287d136dfd09362a13919539d15 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 24 May 2024 05:21:48 GMT age 488558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "5142532377b4a63a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 24 May 2025 05:21:48 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D50	2 KB 0	7ms 7ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:51:02 GMT x-content-type-options nosniff server cafe age 47603 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 May 2024 07:51:02 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D50	295 B 0	8ms 8ms	Image image/png	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cadmus.script.ac URL: https://cadmus.script.ac/dm9yz90bavn71/script.js?ver=66.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:47:36 GMT x-content-type-options nosniff server cafe age 15409 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 May 2024 16:47:36 GMT
GET DATA	200 OK	truncated / Frame 2D50	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d0a035f38cef5c4220039ffc846cec1bd1fc5219553c095bfcd2f8c9d9a70249 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	16981092935791795979 tpc.googlesyndication.com/simgad/ Frame 0F66	6 KB 6 KB	28ms 24ms	Image image/png	142.251.40.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16981092935791795979?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkj8Q7CQ1r3m9IjoHcQLsep7s5srQ Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.129 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f1.1e100.net Software sffe / Resource Hash d44ee3ce3a8c33cb182cc6cd52fe5e6e4cb74f186350eb26dd66c7cf916a825c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 04:33:16 GMT x-content-type-options nosniff age 491470 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6297 x-xss-protection 0 last-modified Tue, 30 Apr 2024 09:44:12 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 24 May 2025 04:33:16 GMT
GET H3	200	1587093705636235496 tpc.googlesyndication.com/simgad/ Frame 2D50	47 KB 47 KB	29ms 25ms	Image image/png	142.251.40.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1587093705636235496?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlrG4x8Z-gZCEfqnG69oOJvHFLZGQ Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.129 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f1.1e100.net Software sffe / Resource Hash 91df022f865e134d33b9c12b0816d8d94a30f7a6376e46e21b00125cf5524f96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 05:20:04 GMT x-content-type-options nosniff age 488662 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48044 x-xss-protection 0 last-modified Fri, 12 Apr 2024 21:32:14 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 24 May 2025 05:20:04 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame A55A	15 KB 16 KB	129ms 35ms	Font font/woff2	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:48:25 GMT x-content-type-options nosniff age 47761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 May 2025 07:48:25 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame A55A	15 KB 16 KB	121ms 27ms	Font font/woff2	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 09:04:28 GMT x-content-type-options nosniff age 43198 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 May 2025 09:04:28 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 7C82	15 KB 0	121ms 121ms	Font font/woff2	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 09:04:28 GMT x-content-type-options nosniff age 43198 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 May 2025 09:04:28 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 7C82	15 KB 0	129ms 128ms	Font font/woff2	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:48:25 GMT x-content-type-options nosniff age 47761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 May 2025 07:48:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 7C82	15 KB 15 KB	149ms 56ms	Font font/woff2	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://a.xyz123.us.kg Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 07:47:54 GMT x-content-type-options nosniff age 47792 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 29 May 2025 07:47:54 GMT
GET		sodar pagead2.googlesyndication.com/pagead/	0 0
GET		si googleads.g.doubleclick.net/pagead/drt/ Frame 5E65 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0
GET		si googleads.g.doubleclick.net/pagead/drt/ Frame 0F66 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0
GET		si googleads.g.doubleclick.net/pagead/drt/ Frame 2D50 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0
OPTIONS H2	200	post parallax.askmediagroup.com/ Frame	0 0	115ms 98ms	Preflight	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://parallax.askmediagroup.com/post Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers access-control-allow-origin,content-type Access-Control-Request-Method POST Origin https://a.xyz123.us.kg Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * content-length 0 date Wed, 29 May 2024 21:04:26 GMT via 1.1 varnish x-cache MISS x-cache-hits 0 x-served-by cache-yyz4531-YYZ x-timer S1717016667.513248,VS0,VE83
POST H2	200	post Show response parallax.askmediagroup.com/	8 B 103 B	173ms 172ms	XHR text/plain	151.101.130.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://parallax.askmediagroup.com/post Requested by Host: www.reference.com URL: https://www.reference.com/_static/??-eJx9jMEKwkAMRH/INBRl9SJ+S6ghZGniutm1+PcW9dBTYeDB8GZwKaA+zf3OgXnNs3N9/zGY+pDjgHsSmEqlxlt5enhjb1jmLuqBRtG4ApnAr0KK4PY9KyQML+UFhNb9za7jeUyndEzpkj+8ZToe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.114 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Access-Control-Allow-Origin * Accept application/json Referer https://a.xyz123.us.kg/ sec-ch-ua-platform "Win32" Response headers x-served-by cache-yyz4531-YYZ date Wed, 29 May 2024 21:04:26 GMT via 1.1 varnish x-timer S1717016667.612959,VS0,VE157 vary Accept-Encoding access-control-allow-methods * content-type text/plain; charset=utf-8 access-control-allow-origin * x-cache MISS accept-ranges bytes access-control-allow-headers * content-length 8 x-cache-hits 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 5E65 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CnGj7WZhXZu75Atm_jvQP9YKbsAqcvsDOd6DHy6LdEbGQHxABII71wktgye6Oi8CkjBCgAffim7QoyAEC4AIAqAMByAMIqgS3Ak_QrqEyBy_XK6AcoJFeoWeMk2uFRebvomoupQ8OrhiF... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ee6cf1fb87808de0000000000000000%22,%222%22:%220xda1875a338b3f460000000000000000%22,%223%22:%220xb968c66...	0 20 B	124ms 86ms	Image text/css	142.250.80.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ee6cf1fb87808de0000000000000000%22,%222%22:%220xda1875a338b3f460000000000000000%22,%223%22:%220xb968c661d48560cd0000000000000000%22,%224%22:%220xf389ffc1b7911d200000000000000000%22,%225%22:%220xc1de3606f16d92940000000000000000%22},%22debug_key%22:%2213145661498357861855%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216696251453161853249%22}&andc=true Protocol H3 Server 142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x1ee6cf1fb87808de0000000000000000","2":"0xda1875a338b3f460000000000000000","3":"0xb968c661d48560cd0000000000000000","4":"0xf389ffc1b7911d200000000000000000","5":"0xc1de3606f16d92940000000000000000"},"debug_key":"13145661498357861855","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"16696251453161853249"} server cafe content-type text/css; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 29 May 2024 21:04:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1ee6cf1fb87808de0000000000000000","2":"0xda1875a338b3f460000000000000000","3":"0xb968c661d48560cd0000000000000000","4":"0xf389ffc1b7911d200000000000000000","5":"0xc1de3606f16d92940000000000000000"},"debug_key":"13145661498357861855","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"16696251453161853249"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame A55A Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=C6fbXWZhXZu_5Atm_jvQP9YKbsAqZl4yRdrGkjJeoEmQQASCO9cJLYMnujovApIwQoAG4vrabA8gBCakCZt_JRA17qD7gAgCoAwHIAwqqBLkCT9C7-o_S-E2x9DAUpz2f_IV9Q8b0cpFh... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0f11c1a593490740000000000000000%22,%222%22:%220xf9f08fadd41809160000000000000000%22,%223%22:%220xbb617d...	0 20 B	121ms 87ms	Image text/css	142.250.80.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa0f11c1a593490740000000000000000%22,%222%22:%220xf9f08fadd41809160000000000000000%22,%223%22:%220xbb617d0cca0bf61d0000000000000000%22,%224%22:%220xc5d1461dc7448f0000000000000000%22,%225%22:%220x4dc4654a54362a9e0000000000000000%22},%22debug_key%22:%2216125941120574960438%22,%22debug_reporting%22:true,%22destination%22:%22https://camso.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862822200%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213546817339037684289%22}&andc=true Protocol H3 Server 142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xa0f11c1a593490740000000000000000","2":"0xf9f08fadd41809160000000000000000","3":"0xbb617d0cca0bf61d0000000000000000","4":"0xc5d1461dc7448f0000000000000000","5":"0x4dc4654a54362a9e0000000000000000"},"debug_key":"16125941120574960438","debug_reporting":true,"destination":"https://camso.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862822200"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"13546817339037684289"} server cafe content-type text/css; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 29 May 2024 21:04:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa0f11c1a593490740000000000000000","2":"0xf9f08fadd41809160000000000000000","3":"0xbb617d0cca0bf61d0000000000000000","4":"0xc5d1461dc7448f0000000000000000","5":"0x4dc4654a54362a9e0000000000000000"},"debug_key":"16125941120574960438","debug_reporting":true,"destination":"https://camso.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862822200"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"13546817339037684289"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 0F66 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CXrWUWZhXZvD5Atm_jvQP9YKbsAqCnN7vd6Ls2f7bEmQQASCO9cJLYMnujovApIwQoAHr9-7SPcgBAuACAKgDAcgDCKoEygJP0KfIbl3P1kxZC4XcLrQJRQ6yyKbOLt9yyIDPBkkgIiz6... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc45393872d216e9c0000000000000000%22,%222%22:%220x691059728653c21f0000000000000000%22,%223%22:%220x76e0aa...	0 20 B	121ms 87ms	Image text/css	142.250.80.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc45393872d216e9c0000000000000000%22,%222%22:%220x691059728653c21f0000000000000000%22,%223%22:%220x76e0aa2492fa078f0000000000000000%22,%224%22:%220xa6d1ea405bf956ca0000000000000000%22,%225%22:%220xe64a03b7b37e0cfe0000000000000000%22},%22debug_key%22:%222961067990472370687%22,%22debug_reporting%22:true,%22destination%22:%22https://pdftoolpro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216548346859%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229382749370046621489%22}&andc=true Protocol H3 Server 142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xc45393872d216e9c0000000000000000","2":"0x691059728653c21f0000000000000000","3":"0x76e0aa2492fa078f0000000000000000","4":"0xa6d1ea405bf956ca0000000000000000","5":"0xe64a03b7b37e0cfe0000000000000000"},"debug_key":"2961067990472370687","debug_reporting":true,"destination":"https://pdftoolpro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16548346859"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"9382749370046621489"} server cafe content-type text/css; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 29 May 2024 21:04:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc45393872d216e9c0000000000000000","2":"0x691059728653c21f0000000000000000","3":"0x76e0aa2492fa078f0000000000000000","4":"0xa6d1ea405bf956ca0000000000000000","5":"0xe64a03b7b37e0cfe0000000000000000"},"debug_key":"2961067990472370687","debug_reporting":true,"destination":"https://pdftoolpro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16548346859"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"9382749370046621489"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 7C82 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=C_Y-mWZhXZvH5Atm_jvQP9YKbsAq9nYCod5GTxZDDEtrZHhABII71wktgye6Oi8CkjBCgAfedsrs9yAEJ4AIAqAMByAMKqgTPAk_Q1eZzLaDNrALjYSiBmZ_ma03NoJzbGx3NVcBxmt39... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda2d5261fe2f8f090000000000000000%22,%222%22:%220x14d1e1337ecd14030000000000000000%22,%223%22:%220x5e712e...	0 20 B	116ms 85ms	Image text/css	142.250.80.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda2d5261fe2f8f090000000000000000%22,%222%22:%220x14d1e1337ecd14030000000000000000%22,%223%22:%220x5e712eb956c27f9b0000000000000000%22,%224%22:%220x83e312a1f66f0cf40000000000000000%22,%225%22:%220x105153f90626f12a0000000000000000%22},%22debug_key%22:%2213273875965661236622%22,%22debug_reporting%22:true,%22destination%22:%22https://image360.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216499117815%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224251761125998539713%22}&andc=true Protocol H3 Server 142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xda2d5261fe2f8f090000000000000000","2":"0x14d1e1337ecd14030000000000000000","3":"0x5e712eb956c27f9b0000000000000000","4":"0x83e312a1f66f0cf40000000000000000","5":"0x105153f90626f12a0000000000000000"},"debug_key":"13273875965661236622","debug_reporting":true,"destination":"https://image360.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16499117815"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"4251761125998539713"} server cafe content-type text/css; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 29 May 2024 21:04:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xda2d5261fe2f8f090000000000000000","2":"0x14d1e1337ecd14030000000000000000","3":"0x5e712eb956c27f9b0000000000000000","4":"0x83e312a1f66f0cf40000000000000000","5":"0x105153f90626f12a0000000000000000"},"debug_key":"13273875965661236622","debug_reporting":true,"destination":"https://image360.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16499117815"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"4251761125998539713"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 2D50 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CH-aUWZhXZvL5Atm_jvQP9YKbsAqGpIbbdua94o3AEvqd3KDUARABII71wktgye6Oi8CkjBCgAavr-_kCyAEC4AIAqAMByAMIqgTAAk_QMVnw3B3WdlnWu3SKSHBMxtDDBwEWxOJ8tMqn... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41d855118ee24ba60000000000000000%22,%222%22:%220x62037ed2b1b735dc0000000000000000%22,%223%22:%220xd92b0e...	0 20 B	107ms 86ms	Image text/css	142.250.80.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41d855118ee24ba60000000000000000%22,%222%22:%220x62037ed2b1b735dc0000000000000000%22,%223%22:%220xd92b0e4399bb48ce0000000000000000%22,%224%22:%220x734e5bd6c6746c3d0000000000000000%22,%225%22:%220xec7da9b72fd3c8430000000000000000%22},%22debug_key%22:%225250212941892263640%22,%22debug_reporting%22:true,%22destination%22:%22https://clarifion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22792655275%22],%2222%22:[%22true%22],%224%22:[%2205-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214929612407868590977%22}&andc=true Requested by Host: a.xyz123.us.kg URL: https://a.xyz123.us.kg/ Protocol H3 Server 142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://a.xyz123.us.kg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x41d855118ee24ba60000000000000000","2":"0x62037ed2b1b735dc0000000000000000","3":"0xd92b0e4399bb48ce0000000000000000","4":"0x734e5bd6c6746c3d0000000000000000","5":"0xec7da9b72fd3c8430000000000000000"},"debug_key":"5250212941892263640","debug_reporting":true,"destination":"https://clarifion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["792655275"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"14929612407868590977"} server cafe content-type text/css; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 29 May 2024 21:04:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 29 May 2024 21:04:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x41d855118ee24ba60000000000000000","2":"0x62037ed2b1b735dc0000000000000000","3":"0xd92b0e4399bb48ce0000000000000000","4":"0x734e5bd6c6746c3d0000000000000000","5":"0xec7da9b72fd3c8430000000000000000"},"debug_key":"5250212941892263640","debug_reporting":true,"destination":"https://clarifion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["792655275"],"22":["true"],"4":["05-29"],"6":["true"]},"priority":"500","source_event_id":"14929612407868590977"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 5E65	42 B 65 B	87ms 86ms	Image image/gif	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjNOgJWomc2Q52q93jUDlnJDCwnhq9hxI_FMt4PYkYHyNpXn1p6ORxDLEcM4iMSHxpFH0ulD9XbXZ-sk8zGVLmkN3kGHKNFzrwvWPgLHhYQBUP_IDbGXxng-HCEwV5nihevM9ELSLLiBapGOZTg3wo4nI_y29bu3o&sai=AMfl-YQmaHZSyN3J7L7HLAc4utBAI1JKPV71Q7874_3N0fqFz4J1lgwUlRgOiSKRoXnBjH2gghACdvWK7wEbQTe3Gl0zQ_bYYRuVaqDHTv5HJeGoEkCS1fMR2D1BOT7fJySB4tVCObXjllRK2GcDTsha&sig=Cg0ArKJSzCB03PfT8i0PEAE&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&id=ampim&o=280,843&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=676&tls=1676&g=100&h=100&tt=1676&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=125.0.6422.112&uab=64&uafvl=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 21:04:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 7C82	42 B 65 B	87ms 87ms	Image image/gif	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3I8xv2RpwWMA7WLAHc8XpcI6poJ1QQEw_Iv_t4k3ifaeE21jkFIq2OUh7UtSB_mm9h18ePgveFpY-wPI7ooCaPD9RPGQTUIXHQoE5jes2sdK-cuig4_uwyuq5L4IT3Cy1DBc3QLhGvSc6ay37kJ2vcaT1XK6NbgQ&sai=AMfl-YTQtR076oO3K94VoKBllHkdwxKPx6iQnBXqFUO6kG8Dlr9s7W8_UqWC2jP5bxG5uUJ-az4NHQW28t3154fKgGMaZvPngw2VDecXI9s__ZJUZtTwBjFRp6ZwyAseyPt2izaA5s5eKe1S6jX2us6_&sig=Cg0ArKJSzKcaJ1cMN4qNEAE&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&id=ampim&o=1083,525&d=283,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=538&tls=1539&g=100&h=100&tt=1539&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=125.0.6422.112&uab=64&uafvl=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 21:04:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 2D50	42 B 65 B	86ms 86ms	Image image/gif	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM_rHATNo3Wi9fby15i1hzahARfEyZZ2rptewxs9g_A3qBmfFZju7Sasfk3mfvj1YQm1oYY0WkLW6llDABXmDHU43mPr2DmBc9xocQoZNT_LrQUfiwAZ1PSB4LYq166lUAK68p63eD2nzP77q2uRiGCU43oRPX0nU&sai=AMfl-YTYx5WkrKEKGGcFUXJoNuTnHkRmqsFp_v45Eqlt7SdqGKdPSByLzSwqUfW6UJOL3ORv78FSZS5Z4_ljvxkRzb34lBR_IveMgkHn3eYUAw0ioUn1ytne_thN4Pn6-uJdvUd4-zLiercugHHQSd4R&sig=Cg0ArKJSzGHuDsWEWcJ2EAE&cid=CAQSTgDaQooL5j61lrgnZ3CsxsgkmNL8Ezu4nUrMbFqnYV9kYa26QWl03HhALWow-OyCtW3xVpn--y5RZ46l-a-OscWU8Uiwb3I01HuL0KCKKBgB&id=ampim&o=1083,785&d=283,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=501&tls=1501&g=100&h=100&tt=1501&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=125.0.6422.112&uab=64&uafvl=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 29 May 2024 21:04:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	55ms 54ms	Ping text/plain	216.239.36.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-JWGLYE8PG5&gtm=45je45m0v9172111975z8840475645za200zb840475645&_p=1717016664370&gcd=13l3l3l3l1&npa=0&dma=0&cid=801587339.1717016665&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&dp=%2F&dt=Reference.com%20-%20What%27s%20Your%20Question%3F&sid=1717016664&sct=1&seg=0&dl=https%3A%2F%2Fa.xyz123.us.kg%2F&_s=2&tfd=6860 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JWGLYE8PG5&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.36.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://a.xyz123.us.kg/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 29 May 2024 21:04:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a.xyz123.us.kg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405230101&jk=3423024977816436&bg=!r6ylrOPNAAa8lUhInJU7ADQBe5WfOFIbkc25Pj7E1PEBEuO-2FtlsuZdMyvWUNsgYfsSpB9_ni7kYztwqcP8N_7QHvOWAgAAAE1SAAAABWgBB34ANq9dxEAR9XD23Opl7ZQRo_63fo3_cbXEW_IbLBLbVKJwct7KM4mkRkdavxgt5eRWrX-EBxiX1goAXdxBVQg2r5MWCsJG884KNETXl_UQZ2_hFeHvAlYPFCv0yY3-NvnY00RWTobPwj136XFlF7UGKio0Ao1Am_kV9H9ExiMrAq2t4uNMUS4rZhPke0Xw_R2bY4TEZNHK6ZkCo0f1RCR4smd8WJnS-vGFElShIHh37K0dtfSyAueWsXEDBKU2U6qjwwwSEeRKRZwViUrEjcsT69a7AImtCOw0_o67Y6hUtlzIr8kbrFtqjeBPycJCYrcSq848I3OYTnoaqLbMjkqb9jkLMMHe58FeADQpl_hozEqnyYXq37WudKq2v0M9RX0Q0UPYOdUF4zqE9VIdz1dX54CS2py2YL-yr46r8ulc41YEtNFEdU-lKL1fWfMYvZINQ-IR7mLehPipVFpjomGzSzo2_F7IWbsinCt9-fcdinHMmgYnwdnOi-V3s5-0L0z1HxSvrDHwvbyNiGNA1g4djKOTwLdaY6zFxFoyYsn0gpL2nAJ8P6A6jDOUDLXOF-J8pk06IIZnlVs8u7mT6LoObrv1FsqJ_JIOyXPsspta2vBOX-AU2xhJtzWvccQ8ScNur6BKfEOjiMz6jL16T2PcVWixi103pwP_K7mXiI_Rk8QHLTLCDzumFEefPgaqbeMlTl7u960lyLJO26IoGHA5L1cmobrRVAnQCKnxkeKcs96P4LeKep1NIGpKUR0zBT6YCLuquOEmfyKIvZmJjC6XSnhf8cBxa0gG-nDCG8ceDEqCKFSrpJ_VcZCVaY7n4lMKbbnNKJ5T2qwiRXjbM5wTbgL7-KMbNfKy11KRlxdqs5AwRNyS0jYT6Lpf7ZemLs5Dh5Q1jX0_hba6ZMNuxDy1hJqn87UxVr393FZCAkAhMmgiam8NNYIIpl4Ig5lfTOcQWunbugxxzMibUgznyqpehI0SfVuRv4AtBWggsdWuZY6T2mVAT4lXHyZfYFg714KeiKTFa2F_rdWeZb6OxQc8Vdss3aAVf2xua2XXNazymZak3CYTa96A-nJ6u34a9C5Ro6p9y1cI3dsgMqrPtw

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA