urlscan.io logo urlscan.io
SecurityTrails logo

blog.m-r.pw Open in urlscan Pro
2607:f8b0:4006:80e::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blog.m-r.pw/2022/11/shareurl.html
Effective URL: https://blog.m-r.pw/2022/11/shareurl.html
Submission: On March 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 41 HTTP transactions. The main IP is 2607:f8b0:4006:80e::2013, located in United States and belongs to GOOGLE, US. The main domain is blog.m-r.pw.
TLS certificate: Issued by GTS CA 1D4 on February 3rd 2024. Valid for: 3 months.
This is the only time blog.m-r.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2607:f8b0:4006:80e::2013 (United States)

ASN15169 (GOOGLE, US)
blog.m-r.pw
1    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3037::ac43:9531 (United States)

ASN13335 (CLOUDFLARENET, US)
www.moody0100.com
11    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:817::2009 (United States)

ASN15169 (GOOGLE, US)
www.blogger.com
4    2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
74 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
309 KB
4 gstatic.com
fonts.gstatic.com
37 KB
3 m-r.pw
blog.m-r.pw
24 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
7 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11925
857 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
251 B
1 moody0100.com
www.moody0100.com — Cisco Umbrella Rank: 970183
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
94 KB
41 9
Domain Requested by
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 pagead2.googlesyndication.com blog.m-r.pw
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.gstatic.com blog.m-r.pw
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 blog.m-r.pw 1 redirects blog.m-r.pw
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.blogger.com blog.m-r.pw
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.moody0100.com blog.m-r.pw
1 www.googletagmanager.com blog.m-r.pw
41 11

This site contains links to these domains. Also see Links.

Domain
m-r.pw
twitter.com
www.twitter.com
Subject Issuer Validity Valid
blog.m-r.pw
GTS CA 1D4		 2024-02-03 -
2024-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
moody0100.com
GTS CA 1P5		 2024-03-13 -
2024-06-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://blog.m-r.pw/2022/11/shareurl.html
Frame ID: 2FE4297BF3B9114F1D2B1F8A5188A691
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&adk=1812271804&adf=3025194257&lmt=1710622549&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Fblog.m-r.pw%2F2022%2F11%2Fshareurl.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710622548598&bpp=4&bdt=435&idt=490&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2335107924558&frm=20&pv=2&ga_vid=1407921821.1710622549&ga_sid=1710622549&ga_hid=383807010&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081827%2C42531705%2C42532524%2C95326316%2C95327951%2C95327954%2C31080990%2C95325785&oid=2&pvsid=1982849072355724&tmod=694971272&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=525
Frame ID: 2F94FB3BE757FC8F4E5709E7A3CC2388
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&h=280&slotname=9420303836&adk=2355867612&adf=935856496&pi=t.ma~as.9420303836&w=1110&fwrn=4&fwrnh=100&lmt=1710622549&rafmt=1&format=1110x280&url=https%3A%2F%2Fblog.m-r.pw%2F2022%2F11%2Fshareurl.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710622548602&bpp=2&bdt=440&idt=529&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2335107924558&frm=20&pv=1&ga_vid=1407921821.1710622549&ga_sid=1710622549&ga_hid=383807010&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081827%2C42531705%2C42532524%2C95326316%2C95327951%2C95327954%2C31080990%2C95325785&oid=2&pvsid=1982849072355724&tmod=694971272&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=535
Frame ID: B3E67574F6AC56ABA2D52C8F0CE67AEF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12F26A43FE8EA13A2F352655C30F9530
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD89EFD2363F537EFEA48085D50CAA73
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

04 m-r.pw

Page URL History Show full URLs

  1. http://blog.m-r.pw/2022/11/shareurl.html HTTP 301
    https://blog.m-r.pw/2022/11/shareurl.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

11
Subdomains

11
IPs

1
Countries

549 kB
Transfer

1533 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.m-r.pw/2022/11/shareurl.html HTTP 301
    https://blog.m-r.pw/2022/11/shareurl.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request shareurl.html
blog.m-r.pw/2022/11/
Redirect Chain
  • http://blog.m-r.pw/2022/11/shareurl.html
  • https://blog.m-r.pw/2022/11/shareurl.html
94 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dee14d65c57a91578f304f2a1772aaa5d07790262fd59e08ede011261f721cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
20683
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 20:55:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
203
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Mar 2024 20:55:47 GMT
Expires
Sat, 16 Mar 2024 20:55:47 GMT
Location
https://blog.m-r.pw/2022/11/shareurl.html
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		282 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-28SME5LF83
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74f9ee675f12f659ef534904aab731133bbaa972bb8816e0375cc6b7af17363b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96288
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 20:55:48 GMT
logo-1689011385.svg
www.moody0100.com/uploads/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moody0100.com/uploads/logo-1689011385.svg
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfbc04855b36a4f1602467e1a14ec1a9f974974cd1e94e604906635e263622de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:48 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346015
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jul 2023 17:49:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ggwt5EwnvNPW3eD6v%2FHZZ77yC7AIuHvckN%2BdYRayprab8YH2Te%2BWAyhu%2BbTJE52uPWIQo4w7m%2Fzz1yfAe107BXYBnz4sZDEFi%2BgmOK8wbV4QQktGO2anWgZ%2B3u0uQocmjOTvklhtdrEhlWpP4r9XUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8657a56eab202887-MIA
expires
Tue, 19 Mar 2024 20:48:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45c27d293fd8df989c4a43fe5eef8a2ac08ec933f6d9050227726da300494082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Origin
https://blog.m-r.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51020
x-xss-protection
0
server
cafe
etag
10345192369649615599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 16 Mar 2024 20:55:48 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4144520378317533942&zx=518b5cd1-ff53-4ce7-9238-1cad40261571
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Mar 2024 20:55:48 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
summary
blog.m-r.pw/feeds/posts/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.m-r.pw/feeds/posts/summary?&max-results=5&alt=json-in-script&callback=ticker_feeds
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
9e17fb8f9288b2c4f2e6e5b5c1c491ca98083c87c951d88472b12eb67d757596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/2022/11/shareurl.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 10:05:14 GMT
server
blogger-renderd
etag
W/"ab77d97babe8cdce295de4acdba18bd93c4aceabbe42edfd207acc843d9f9c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
3268
x-xss-protection
0
expires
Sat, 16 Mar 2024 20:55:49 GMT
Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Origin
https://blog.m-r.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:49:27 GMT
x-content-type-options
nosniff
age
259581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8488
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:31:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:49:27 GMT
Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Origin
https://blog.m-r.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:00:24 GMT
x-content-type-options
nosniff
age
258924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9864
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:31:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:00:24 GMT
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Origin
https://blog.m-r.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 07:04:11 GMT
x-content-type-options
nosniff
age
222697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9988
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:34:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 07:04:11 GMT
Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Origin
https://blog.m-r.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:27:26 GMT
x-content-type-options
nosniff
age
181702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8600
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:34:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 18:27:26 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
88 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4144520378317533942&zx=518b5cd1-ff53-4ce7-9238-1cad40261571
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Mar 2024 20:55:48 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
243c847c084bce46b9a57f7dd2740d8e47aa1fc8c315a229b1af460a5f02af61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140956
x-xss-protection
0
server
cafe
etag
6335361544552648447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 20:55:48 GMT
collect
www.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-28SME5LF83&gtm=45je43d0v9135468093za200&_p=1710622548184&gcd=13l3l3l3l1&npa=0&dma=0&cid=1407921821.1710622549&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710622548&sct=1&seg=0&dl=https%3A%2F%2Fblog.m-r.pw%2F2022%2F11%2Fshareurl.html&dt=04%20m-r.pw&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1869
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-28SME5LF83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 20:55:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.m-r.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2F94 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&adk=1812271804&adf=3025194257&lmt=1710622549&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Fblog.m-r.pw%2F2022%2F11%2Fshareurl.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710622548598&bpp=4&bdt=435&idt=490&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2335107924558&frm=20&pv=2&ga_vid=1407921821.1710622549&ga_sid=1710622549&ga_hid=383807010&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081827%2C42531705%2C42532524%2C95326316%2C95327951%2C95327954%2C31080990%2C95325785&oid=2&pvsid=1982849072355724&tmod=694971272&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b893b6f72c1e75ded8328f895971d91284c83e61dbb056ebce7bb9c8bd52d53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5761
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 20:55:50 GMT
expires
Sat, 16 Mar 2024 20:55:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=main_menu_row&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 20:55:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B3E6 		832 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&h=280&slotname=9420303836&adk=2355867612&adf=935856496&pi=t.ma~as.9420303836&w=1110&fwrn=4&fwrnh=100&lmt=1710622549&rafmt=1&format=1110x280&url=https%3A%2F%2Fblog.m-r.pw%2F2022%2F11%2Fshareurl.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710622548602&bpp=2&bdt=440&idt=529&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2335107924558&frm=20&pv=1&ga_vid=1407921821.1710622549&ga_sid=1710622549&ga_hid=383807010&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081827%2C42531705%2C42532524%2C95326316%2C95327951%2C95327954%2C31080990%2C95325785&oid=2&pvsid=1982849072355724&tmod=694971272&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=535
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37f10a56ff846f078cada781531ec6265645618bd9d3c775fa62243478ded461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 20:55:50 GMT
expires
Sat, 16 Mar 2024 20:55:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-1438122513328653
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1438122513328653?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bf1cace63537942636219e3a0e6e6a3f15bffff23658444b79c279ff520b50a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CxOwsc7aOkrstulG5Bo8bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-CxOwsc7aOkrstulG5Bo8bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDca3vxno2gQ9_151jBgDfEjHs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70a31d4f9788784aa7fa47d299a8c2ebe61e6917b63dd4d08b2779ed38c5ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32372
x-xss-protection
0
server
cafe
etag
14127580652247427282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 20:55:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C31081827%2C42531705%2C42532524%2C95326316%2C95327951%2C95327954%2C31080990%2C95325785&hl=ar&pvc=1982849072355724
Requested by
Host: blog.m-r.pw
URL: https://blog.m-r.pw/2022/11/shareurl.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 20:55:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
AGSKWxXOZWX94aq-jP75ntUtnz_tn7WWuV1mSOMK3UUeLGpUmLkGU_4-jaa_imGCsd762W79P7sfZ1Z2V3aZsr7jt_U1dcinfzPFePGBeCWgQevoAFs4ZX5Qvu3R_Yg7CvFy3dDweSeoFg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOZWX94aq-jP75ntUtnz_tn7WWuV1mSOMK3UUeLGpUmLkGU_4-jaa_imGCsd762W79P7sfZ1Z2V3aZsr7jt_U1dcinfzPFePGBeCWgQevoAFs4ZX5Qvu3R_Yg7CvFy3dDweSeoFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjIyNTUxLDE1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibG9nLm0tci5wdy8yMDIyLzExL3NoYXJldXJsLmh0bWwiLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6db8a5473819ba4e9ba30333f5323f8d47230eb995f40284b289a3f7599b226d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ou1vxCp90A470w4prBNYvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ou1vxCp90A470w4prBNYvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNcb3vxno2gRVTW1MBqL4wpA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6686f08239c133edf489fdde14bc3e9ef04452127b82766112de42d1f35fed04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12242
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Mar 2024 20:55:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
177127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:43:44 GMT
expires
Fri, 14 Mar 2025 19:43:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CD89 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5a67988af49e0aa07c16e3f2735ac3de592e5846b0b1b57555fd1614814f7568
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AVS7Y_qzLm62qy7EY9NBjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AVS7Y_qzLm62qy7EY9NBjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 20:55:51 GMT
expires
Sat, 16 Mar 2024 20:55:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame 12F2 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 19:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
177534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 19:36:57 GMT
generate_204
tpc.googlesyndication.com/ Frame 12F2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zcqiug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview.
fundingchoicesmessages.google.com/f/AGSKWxW8y54N0DaOCguQSvx1bXRL6qx7d-OjRqepzK5scDgx_duDNWHOM34Dskorh6GzyoQ40UBGHfEQ_1okl3EfsfT_7dgDkGU30h_qwrHWZlLR07eJ7Eo0RFdOjAcmuV5KYISNbE3niRoUQB2lq9BkvkYfkwZhj... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8y54N0DaOCguQSvx1bXRL6qx7d-OjRqepzK5scDgx_duDNWHOM34Dskorh6GzyoQ40UBGHfEQ_1okl3EfsfT_7dgDkGU30h_qwrHWZlLR07eJ7Eo0RFdOjAcmuV5KYISNbE3niRoUQB2lq9BkvkYfkwZhjQo7swvLhzHTRz7cwmhD7iSISktT3YJI/_-125x40-/googleafs./ad/index_/googleAdTaggingSubSec./adview.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8cd564a61396a79acac7cd4687cc35f63e97ba5ddff2347f43243d2b9157b13
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BJ1TJCCqa4uKOn5h9ddViA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BJ1TJCCqa4uKOn5h9ddViA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw3G978Z6NoEHk-fuZgYALh82YA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a8e56a215fc81346535ca9af04f165917bb9324ab507110f7423c949570ccee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51019
x-xss-protection
0
server
cafe
etag
12772627089549615937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 16 Mar 2024 20:55:51 GMT
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7BIFtjtbFCEyHDG_QYny8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-7BIFtjtbFCEyHDG_QYny8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIm-NG3431bAIHvj6RAwC6nwxE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://blog.m-r.pw
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=1982849072355724&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CnomwM400V2WePhk6J9ziA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-CnomwM400V2WePhk6J9ziA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiWMS_i6mW4RlTKxA7pc9gDQFiIW6OG3031rMJHPj6XBYA7V0NvA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://blog.m-r.pw
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c-Kim5GT4X53NtSWzoh_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-c-Kim5GT4X53NtSWzoh_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIm-NG3431bAIbFnwMAgC6Mgwk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://blog.m-r.pw
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uyv5dSTJMyZ0mCNt6UiNZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-uyv5dSTJMyZ0mCNt6UiNZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIm-NG3431bAIHPs8MBgC59gwq"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://blog.m-r.pw
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWAbMb28Mb0y2Of0wUieje_Sxenbgcyte9PBBCBaflAzGMduX6hAkZ5hFRm2oy03SndAOQGEbe19KY4mTKoFNXI1QufW4DT8re-4HrjTUolOGLlOvnnORYGAWOi9r0KUR-ZK6oI_A==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWAbMb28Mb0y2Of0wUieje_Sxenbgcyte9PBBCBaflAzGMduX6hAkZ5hFRm2oy03SndAOQGEbe19KY4mTKoFNXI1QufW4DT8re-4HrjTUolOGLlOvnnORYGAWOi9r0KUR-ZK6oI_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjIyNTUyLDU4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ibG9nLm0tci5wdy8yMDIyLzExL3NoYXJldXJsLmh0bWwiLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b0baa1ca72c8f1981e76bf4c73c450f4c0154f7fb3b9facb263dd10ac91682
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-STS_gtVjhOtPW9Bjtphe-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-STS_gtVjhOtPW9Bjtphe-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNcaPvxno2gQX37oYDAKzLMTY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jqLEm8fVjFTR8W2gADhmIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-jqLEm8fVjFTR8W2gADhmIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1hDgFiIh-NG3431bAIXHpxqZQQAyBcMkw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://blog.m-r.pw
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU4ni8jQ3g80qaB0nEB3zOs98vGmKhV2RZUhY89MG-TXxFBC1tuZpIoIN493fsbHBWU4SPU3pTlRulS-AhB7Cw-GPwsnbcX23_MJugUY30ISt6cNBn5ASu5Hg6506cOIcGpyAsedA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU4ni8jQ3g80qaB0nEB3zOs98vGmKhV2RZUhY89MG-TXxFBC1tuZpIoIN493fsbHBWU4SPU3pTlRulS-AhB7Cw-GPwsnbcX23_MJugUY30ISt6cNBn5ASu5Hg6506cOIcGpyAsedA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjIyNTUyLDIzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYmxvZy5tLXIucHcvMjAyMi8xMS9zaGFyZXVybC5odG1sIixudWxsLFtbOCwiSUlVdERTUVJRa00iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30bba24f31d5cf34535c336bdc0f7e29c8ffee736a4c175957423115985ea700
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5f5ekCmCQTsxQbGW6BfBZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5f5ekCmCQTsxQbGW6BfBZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw3Gj78Z6NoEdP9p6GAEr7zZR"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVVdwSvbEIRMgkCrccz-3e_1RvSWkS6KiBorJVq-zNLvJ2TbV1V7-uRULJzxENCzYtpCAfJkVyYHiyxDxMKv0WGIl32uYgjEs4XBBsBIJd2CUpX7eXG26wzbd-70vx4HSIwJMQdYg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVVdwSvbEIRMgkCrccz-3e_1RvSWkS6KiBorJVq-zNLvJ2TbV1V7-uRULJzxENCzYtpCAfJkVyYHiyxDxMKv0WGIl32uYgjEs4XBBsBIJd2CUpX7eXG26wzbd-70vx4HSIwJMQdYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjIyNTUyLDMzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ibG9nLm0tci5wdy8yMDIyLzExL3NoYXJldXJsLmh0bWwiLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54deff77a016ac98b85ae231e09b81b8ad6a817afb247deb0b3febeca40d2a5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WuFj1oBlMgtDhDe2nIPJ_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WuFj1oBlMgtDhDe2nIPJ_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDcaPvxno2gRnPju5mBADf3TGH"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=1982849072355724&bg=!qqmlqebNAAY_ejuoH3o7ADQBe5WfOAcWRg-Oo5_4tSoHqn2j-Wg33nWWoQhe2Lu1Oc-FrZPaFOhOHCKLNEl2r7WoU5JYAgAAAHRSAAAAAWgBB5kCxXiSVLh-1kOsfcGMpNaTOgmsYKCymgr5H-J9hsqebVMbHu1ikigU6wUcLiGHMpudLqCQPsnCgYAq3K0Q4Avg1VByTQkT8vT4lfuEknHZlzC9qMZRxVcqrQd5XUSTq6Gxd_mdihaNDD4yb7c18VAd9pqLYuxEEPdnO6EJNYLY9pCV9-zS5cnL91rDtlwSxUi1ktOJXIorLmhC56U1yO0TiDyFpy4jQml---mQ3JLzbFdpHQexYD6_NJ8kQQeItXcTGd4r2Ysyr6yoMqTyUqUxzgIX98RWXk8Mx5WM38TFc_YRaQX6ldyifVz09YkVa1rkbm93nYHXVisAgLQ14_2jJLBv_ae8GWTCZn52x2pgiEPMWDK51bYNkWkSoemGcRPKkX-dR53jkywbBnr2UHWzjM90uawskZs36cxqBpliCoy6K0CMZ4Yi3WSqn7lSeibZSh-MkjKiqJgdpgPGJ9FtTpRilQsOWLxfyn0xGxPQqbWfJx4qcssNn4viG-hKeiLSiZB_w9BQnoIdX38DIH0F2qfP063n-B4hZBhu-0RbohG6F0kmHvA4XjwWA6COj9FEkrG9ifqs9SAy_EtUCz8r1ln9Y7BQmfdXmGUODjIdpOcim-dG0Y4nZF65ixRFPyBvJUrV4BRzAP005-YHT_J0cOAv075TJ4Bvg_DOMTfP01Ss1i_i_GLtWn9CYkpKH-FIwXe9WqGK4WUsLMsrOL2pwvnakJ_RuuqVScc3Y_dr-m-IoK78O4BVBvxatPdJPWvIocnSEzktQhEGnT_cNKLLys9SoJTSxj5CRmBEdU6pzgpZ-8d7TIpR2uEUsps4qrPIcGl1VwVXj3xiEjZv0NXvcvk4A3jYS0hhbhchao5hAtmAp4o1DBQA7lyxoRJlSKqFLLlRoAfhRyKdnpjZRjHu_Rud0SBehxQxsvGZn_l9JVfWcs6rOTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blog.m-r.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
AGSKWxUZmwPdstEU3EMwsG0j5m9wWOy0d16hLFeRHFHLhMEYOE7-ItkpFBljSFjU5d8G0xvRknd6cPlJHbLZ5f8TqW7aOQs-vh8Jq7LpwNgmh8iujeLnwuUHG3Crls6_IqvAoTI4EGfWwQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUZmwPdstEU3EMwsG0j5m9wWOy0d16hLFeRHFHLhMEYOE7-ItkpFBljSFjU5d8G0xvRknd6cPlJHbLZ5f8TqW7aOQs-vh8Jq7LpwNgmh8iujeLnwuUHG3Crls6_IqvAoTI4EGfWwQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gv3UVOEeRDKlLScVICd_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gv3UVOEeRDKlLScVICd_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIh-NG3431bAITfjY-ZwQAxlgMfw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://blog.m-r.pw
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRbk3-7nazo04i9N30mve9UA1iisgHGiapKC4Ac2S1zigrgv8jpNioRLzPIz9e2py6CsTDn1526TvjVG0EN6-kqFHbb_JM1BCg2QRhNe4bsn-_6_V3c0ZL3eihCDBmlL25H9_vcg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z3iKEeAiRjZFwyplnElIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.m-r.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Mar 2024 20:55:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-z3iKEeAiRjZFwyplnElIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1JBiWMS_i6mW4RlTKxA7pc9gDQFiIR6OG3031rMJbPi88SUjAPrhDjw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://blog.m-r.pw
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| gtag object| dataLayer object| adsbygoogle function| Ticker function| Lazy_light function| ticker_feeds string| isearch object| tryb string| archive object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_llp function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjZkZWU5ZmEwNWQyNDM3ZWxvYWRlcl9qcw== string| ZjZkZWU5ZmEwNWQyNDM3ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| GoogleGcLKhOms boolean| b9de8add-f87e-4284-9a5d-1a3837028edd

7 Cookies

Domain/Path Name / Value
.m-r.pw/ Name: _ga
Value: GA1.1.1407921821.1710622549
.m-r.pw/ Name: _ga_28SME5LF83
Value: GS1.1.1710622548.1.0.1710622548.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.m-r.pw/ Name: __gads
Value: ID=f2305f5b1f26d786:T=1710622550:RT=1710622550:S=ALNI_MY_hXBq22DxKOL2-W3onBfBM049zA
.m-r.pw/ Name: __gpi
Value: UID=00000dd30ebf36eb:T=1710622550:RT=1710622550:S=ALNI_MaSsNYc__7D67qenYQ58KLQFSQYhA
.m-r.pw/ Name: __eoi
Value: ID=fa3e17ef61eb4a1d:T=1710622550:RT=1710622550:S=AA-AfjZK6QZ6XHod9nGmIbwdHGdG
.m-r.pw/ Name: FCNEC
Value: %5B%5B%22AKsRol85skG45tqNxl7x2kzONG_JaTtlbfRGYXCvC7XErTffZ636fsgk_2PH89LA3m2HXed7UJ5vgw3TTC1Fv07wypB0CJYGofPG49WSucO-s0gcNLxLM9eh1i9r95AS_8BS-b0bfLY8BcizOadMReJjREigqSq6MA%3D%3D%22%5D%5D

3 Console Messages

Source Level URL
Text
network error URL: https://blog.m-r.pw/2022/11/shareurl.html
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://blog.m-r.pw/2022/11/shareurl.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://blog.m-r.pw/2022/11/shareurl.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.m-r.pw
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.moody0100.com
2606:4700:3037::ac43:9531
2607:f8b0:4006:807::200e
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80e::2013
2607:f8b0:4006:80f::2001
2607:f8b0:4006:817::2009
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:822::2002
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
243c847c084bce46b9a57f7dd2740d8e47aa1fc8c315a229b1af460a5f02af61
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
30bba24f31d5cf34535c336bdc0f7e29c8ffee736a4c175957423115985ea700
32b0baa1ca72c8f1981e76bf4c73c450f4c0154f7fb3b9facb263dd10ac91682
37f10a56ff846f078cada781531ec6265645618bd9d3c775fa62243478ded461
3a8e56a215fc81346535ca9af04f165917bb9324ab507110f7423c949570ccee
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
45c27d293fd8df989c4a43fe5eef8a2ac08ec933f6d9050227726da300494082
54deff77a016ac98b85ae231e09b81b8ad6a817afb247deb0b3febeca40d2a5d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a67988af49e0aa07c16e3f2735ac3de592e5846b0b1b57555fd1614814f7568
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6686f08239c133edf489fdde14bc3e9ef04452127b82766112de42d1f35fed04
6b893b6f72c1e75ded8328f895971d91284c83e61dbb056ebce7bb9c8bd52d53
6db8a5473819ba4e9ba30333f5323f8d47230eb995f40284b289a3f7599b226d
70a31d4f9788784aa7fa47d299a8c2ebe61e6917b63dd4d08b2779ed38c5ab25
74f9ee675f12f659ef534904aab731133bbaa972bb8816e0375cc6b7af17363b
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
9bf1cace63537942636219e3a0e6e6a3f15bffff23658444b79c279ff520b50a
9e17fb8f9288b2c4f2e6e5b5c1c491ca98083c87c951d88472b12eb67d757596
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
dee14d65c57a91578f304f2a1772aaa5d07790262fd59e08ede011261f721cb5
dfbc04855b36a4f1602467e1a14ec1a9f974974cd1e94e604906635e263622de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8cd564a61396a79acac7cd4687cc35f63e97ba5ddff2347f43243d2b9157b13