marfaa.devlif.com Open in urlscan Pro
2a02:4780:1e:29f3:7994:db24:c001:9387 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://marfaa.devlif.com/
Submission: On March 07 via api (March 7th 2024, 3:24:20 pm UTC) from US — Scanned from US

Summary HTTP 35 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2a02:4780:1e:29f3:7994:db24:c001:9387, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is marfaa.devlif.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 4th 2024. Valid for: 3 months.

This is the only time marfaa.devlif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a02:4780:1e:... 2a02:4780:1e:29f3:7994:db24:c001:9387	47583 (AS-HOSTINGER) (AS-HOSTINGER)
9	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c08::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c0b::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::6a	15169 (GOOGLE) (GOOGLE)
1	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
2	2607:f8b0:400... 2607:f8b0:4004:c06::cf	15169 (GOOGLE) (GOOGLE)
35	10

5 2a02:4780:1e:29f3:7994:db24:c001:9387 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)

marfaa.devlif.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c08::8b (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

597211892979fcd253bf53829e529997.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	71 KB
10	googlesyndication.com 597211892979fcd253bf53829e529997.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	95 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	186 KB
5	devlif.com marfaa.devlif.com	86 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 303	26 KB
1	8proof.com 8proof.com — Cisco Umbrella Rank: 47102	44 B
35	6

	Domain	Requested by
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	marfaa.devlif.com	marfaa.devlif.com
4	securepubads.g.doubleclick.net	marfaa.devlif.com securepubads.g.doubleclick.net 597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	storage.googleapis.com	srcdoc
2	597211892979fcd253bf53829e529997.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	8proof.com	597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
35	10

This site contains links to these domains. Also see Links.

Domain
wordpress.org
generatepress.com

Subject Issuer	Validity	Valid
marfaa.devlif.com ZeroSSL RSA Domain Secure Site CA	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-16` - `2025-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://marfaa.devlif.com/
Frame ID: F821E28AE1A692E93CEDF0B27D9D759F
Requests: 23 HTTP requests in this frame

Frame: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC6B5185AF831028868D669E8008C1B5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D54D7751D664C77E81663E889CE310B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEA991CFED408CE5F79EE234E14A1754
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: C1BBBFB3FE58CF51E99CCBFB154B3129
Requests: 1 HTTP requests in this frame

Frame: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 205FFBBDF645E123DBDF2B7780E874AB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrtChHtzpZbfGJenhj-8Pn-OHmAXamImHa8-ppu-ODsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTM0MjMwODU1NDUyOTYyMzHIAQngAgCoAwHIAwKqBIsCT9DNZzqErm_2FGJx4qfn9ecSBt_b4WbSbuM8ebd1Yz2WuKT1cZ0hYnwphhIoXLj_LZRquvbqeiuNhNyCaEPSXso2y3qUH0FYy8HyuSySILotY-yuXXxSzfolSWHIUzio4kkefO9Nv-JZdmERBpfhwCvlWWvGRTCQoETpIyk9BtOI7zw_5Sn9kZE1OKDmgO6ijLxkMob2uRq_gwHr-lvp8sBeflNca7-JxdydPHMxAibD6-WbKBhwDKyjKFmcCPBxGNm-8oom7jw0aU0FudT4aQP2i7w8U3_Np0mG3SqqkahCXzNPVkckkXtHE7sc3Xp9V9yXwGGm_4lGFM8AwriaJaeRufSq_Y5DpWCA4AQBgAaIuPuag4fHpT6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOlijmofYuuKEA4AKA_oLAggBgAwB4g0TCIPOh9i64oQDFenw4wcdn_EBU9AVAYAXAbIXHAoaEhRwdWItMzQyMzA4NTU0NTI5NjIzMRj_-R0&sigh=EHTna8zlcbA&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqh03FmaoekmF5ZRryGxH9YjLZ1ylwz-I1Ncd8RfOGoyjF1mVcT9TRGOU5HOKsOzfqAdpseEeFf85V2ms8HAFHY0V2eCf8-qFVYhgB&cbvp=2&vis=1
Frame ID: 295E513B8CB9E9829D8E0F44837797AF
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 695A730572B98D96077A4F865C443703
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

devlif

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

35
Requests

97 %
HTTPS

89 %
IPv6

6
Domains

10
Subdomains

10
IPs

1
Countries

464 kB
Transfer

1371 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
marfaa.devlif.com/ 166 KB
61 KB 364ms
83ms Document
text/html 2a02:4780:1e:29f3:7994:db24:c001:9387
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://marfaa.devlif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1e:29f3:7994:db24:c001:9387 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/8.1.27

Resource Hash

407df4b37b913d4920b0fed76a96d60144b7f3a865afe2d71ff7e51aee262351

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 07 Mar 2024 15:24:14 GMT
etag: "52338-1709577876;br"
link: <https://marfaa.devlif.com/wp-json/>; rel="https://api.w.org/"
platform: hostinger
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: bf7d430bb6727d91e418322b51ea61f5-phx-edge1
x-hcdn-upstream-rt: 0.011
x-litespeed-cache: hit
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge

GET
H2 200 style.min.css
marfaa.devlif.com/wp-includes/css/dist/block-library/ 108 KB
13 KB 130ms
129ms Stylesheet
text/css 2a02:4780:1e:29f3:7994:db24:c001:9387
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://marfaa.devlif.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1e:29f3:7994:db24:c001:9387 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 89494
alt-svc: h3=":443"; ma=86400
content-length: 13323
x-hcdn-cache-status: HIT
last-modified: Mon, 04 Mar 2024 17:05:44 GMT
server: hcdn
etag: "1ae43-65e5ff68-bb547b20a29cbd7d;br"
x-hcdn-request-id: ad8d991eac2caf63b20ce9f01b3b3d99-phx-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 13 Mar 2024 14:32:40 GMT

GET
H2 200 main.min.css
marfaa.devlif.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 110ms
109ms Stylesheet
text/css 2a02:4780:1e:29f3:7994:db24:c001:9387
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://marfaa.devlif.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0

Requested by

Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1e:29f3:7994:db24:c001:9387 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 89494
alt-svc: h3=":443"; ma=86400
content-length: 4356
x-hcdn-cache-status: HIT
last-modified: Mon, 04 Mar 2024 17:07:58 GMT
server: hcdn
etag: "4c6c-65e5ffee-25cf6e814996ab4b;br"
x-hcdn-request-id: 62209e6e1f719a9179ef3cc33c15b399-phx-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 13 Mar 2024 14:32:40 GMT

GET
BLOB 200
OK 4923bcb2-25e3-4fc7-9925-76dfc0236651
https://marfaa.devlif.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://marfaa.devlif.com/4923bcb2-25e3-4fc7-9925-76dfc0236651
Requested by: Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 118ms
84ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acf4fbf7e5c94bc3cf5a54018f01b0cb6b6587304209ab5d4745c40518b3efec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28738
x-xss-protection: 0
server: cafe
etag: 330 / 19789 / 31081677 / config-hash: 399612998941285232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 15:24:14 GMT

GET
H2 200 menu.min.js Show response
marfaa.devlif.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 76ms
75ms Script
application/x-javascript 2a02:4780:1e:29f3:7994:db24:c001:9387
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://marfaa.devlif.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0

Requested by

Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1e:29f3:7994:db24:c001:9387 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 89494
alt-svc: h3=":443"; ma=86400
content-length: 1535
x-hcdn-cache-status: HIT
last-modified: Mon, 04 Mar 2024 17:07:58 GMT
server: hcdn
etag: "1b2d-65e5ffee-637a7fa5c7a0edcb;br"
x-hcdn-request-id: 384e8d62d2940f1343f725941bb71dfc-phx-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 13 Mar 2024 14:32:40 GMT

GET
H3 200 wp-emoji-release.min.js Show response
marfaa.devlif.com/wp-includes/js/ 18 KB
5 KB 76ms
76ms Script
application/x-javascript 2a02:4780:1e:29f3:7994:db24:c001:9387
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://marfaa.devlif.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: marfaa.devlif.com
URL: https://marfaa.devlif.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:1e:29f3:7994:db24:c001:9387 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 89493
alt-svc: h3=":443"; ma=86400
content-length: 4605
x-hcdn-cache-status: HIT
last-modified: Mon, 04 Mar 2024 17:05:44 GMT
server: hcdn
etag: "4904-65e5ff68-82e1a0bd8ac3a701;br"
x-hcdn-request-id: facb32d434047c1375a28f095089eba2-phx-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 13 Mar 2024 14:32:41 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/ 432 KB
136 KB 17ms
17ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 12:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12059
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139160
x-xss-protection: 0
server: cafe
etag: 12239114432611093980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Mar 2025 12:03:15 GMT

GET
H2 200 21902364955 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 84ms
50ms Script
application/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21902364955?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55544fdf1021028ad048204ff7854b6fc9954d5a7683aacaa724672353ca8604

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wHAFz8oMPry0pXgCSdt6sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wHAFz8oMPry0pXgCSdt6sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMW_H8vVsAhN2frjOCAACtS2S"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVOU1YwOGHr7D7gZws-fO5KHabU_9Sz-p01_NaJqbuGgRIBJRrbZGa2Mm7fAmkNjJlN5-hOEoAdy15tl5tC8yeC7Za-e4nf1dPxtaQcTydustekJrjy-07WZeEHQs0gNgEJ8ioh_w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 44ms
43ms Script
application/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOU1YwOGHr7D7gZws-fO5KHabU_9Sz-p01_NaJqbuGgRIBJRrbZGa2Mm7fAmkNjJlN5-hOEoAdy15tl5tC8yeC7Za-e4nf1dPxtaQcTydustekJrjy-07WZeEHQs0gNgEJ8ioh_w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODI1MDU0LDUyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYXJmYWEuZGV2bGlmLmNvbS8iLG51bGwsW1s4LCJGODhYYmhxTG9qUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy3SgnF0EVdgXHg5Ybt6aiahLkLXw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0aba0daa6c58c12f4f57f51374bf55afdd45bf908b3ed9c1185dfb9f125003ed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-F_IWJ3XI5CIxzNGBMk2ySw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-F_IWJ3XI5CIxzNGBMk2ySw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMW_H8vVsAgf6d3YwAQAGBy0d"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
17 KB 850ms
850ms Fetch
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3808456667523&correlator=3406178116730151&eid=44809527%2C31081517%2C31081677&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fifs&gdpr=0&iu_parts=339263271%3A22995136813%2Cgam_devlif.com_%2Cgam_devlif.com_display&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709825054560&lmt=1709825054&adxs=1055&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmarfaa.devlif.com%2F&vis=1&psz=360x632&msz=328x600&fws=0&ohw=0&ga_vid=467197887.1709825055&ga_sid=1709825055&ga_hid=1636403888&ga_fc=false&dlt=1709825054082&idt=282&adks=2362431598&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21a653d9f5f77707d5a8e4623ee04ca855a141c0e4752d3c8498cb493d63e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17299
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://marfaa.devlif.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC6B 6 KB
3 KB 65ms
20ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 15:24:14 GMT
expires: Fri, 07 Mar 2025 15:24:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxWL25ur_H13D-PNBi-UB67ZXPxPLYkbRDuPSc3uNEBy9gkjXJNis0I_b1xjkFSkoV5NjLvSeuJMesUEBLwo4Az6kaDbJzN9Oi_1WlwuROGja2ny2p26YEty_Tw0V0KKSfKjBZ5L3Q== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 46ms
46ms Script
application/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWL25ur_H13D-PNBi-UB67ZXPxPLYkbRDuPSc3uNEBy9gkjXJNis0I_b1xjkFSkoV5NjLvSeuJMesUEBLwo4Az6kaDbJzN9Oi_1WlwuROGja2ny2p26YEty_Tw0V0KKSfKjBZ5L3Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODI1MDU0LDU4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbWFyZmFhLmRldmxpZi5jb20vIixudWxsLFtbOCwiRjg4WGJocUxvalEiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba068b668bc810ec47d52ffc4e125026bd02d2c2c8d04ddcf6dac54bc91987a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0E4H7kRGf3zfVY6gBSGm_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0E4H7kRGf3zfVY6gBSGm_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLiHT4eLHzrprOqALHh-umskUAc83w6awoQO6XPYA0BYp_6GaxxQCzEwzFvx_L1bAIN_y4tYQIAPVgygw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 118ms
83ms XHR
application/json 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9abf304fe87c4a4b338f6b16f1b0e1f346a1adf2e131e984d42088bbc3b0e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12397
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
18ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 15:24:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D54D 13 KB
5 KB 20ms
18ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 257956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 15:44:58 GMT
expires: Tue, 04 Mar 2025 15:44:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FEA9 829 B
1 KB 133ms
36ms Document
text/html 2607:f8b0:4004:c06::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58a2d89576194f17de9939bcabec878853ed202b9c974b4dac1293d52825d288

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfcEpXOxpI2kddDLNwh4dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://marfaa.devlif.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KfcEpXOxpI2kddDLNwh4dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 15:24:14 GMT
expires: Thu, 07 Mar 2024 15:24:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame D54D 39 KB
15 KB 21ms
16ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 03:02:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEA9 0
0 79ms
78ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403050101&jk=3808456667523&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D54D 0
10 B 20ms
19ms Image
text/plain 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uCLxkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ad-right2. Show response
fundingchoicesmessages.google.com/f/AGSKWxUoMXJ4J3SeSAKALxd5ObxDcDDWyFTe0cfJwj1r-Z9D5YiS3RdODvVGlwHxVjV7GLxcbwHLHNQMHl4o98pITqnPh1iKn4NvLQoiWsFv0NOmN-5AMqOivhCLN0NmqkZdNgkfh65kWS23KHUfzzR8SZmWhuk2H... 54 B
110 B 85ms
82ms Script
application/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUoMXJ4J3SeSAKALxd5ObxDcDDWyFTe0cfJwj1r-Z9D5YiS3RdODvVGlwHxVjV7GLxcbwHLHNQMHl4o98pITqnPh1iKn4NvLQoiWsFv0NOmN-5AMqOivhCLN0NmqkZdNgkfh65kWS23KHUfzzR8SZmWhuk2HmKRUnbkrvfp4tv6k_VLLlSYWWLypN20/_/adsense24._120h600._adpage=/phpbanner/banner_/ad-right2.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.F88XbhqLojQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzr4ceWFX7ILY5aq-B7zoYoS2SYxw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7bac01c12d809391527011ea3e1b5d850dc83e74237507dfb523d954bace93f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCpUEGqPvZrNmXSvKUntaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCpUEGqPvZrNmXSvKUntaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMX_H8vVsAgtefmhnBAAGoC2L"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 114ms
110ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c034f29de35274056310b9075c0635a47ee378d09187ed278a3b83e836107c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51069
x-xss-protection: 0
server: cafe
etag: 15613857336301559008
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 07 Mar 2024 15:24:15 GMT

POST
H3 204 AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 118ms
46ms XHR
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8yFVXVBZPyXvOyaxC4n5ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8yFVXVBZPyXvOyaxC4n5ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTDMX_H8vVsAgc2X1vOCACLRBF1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://marfaa.devlif.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 133ms
125ms XHR
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b95loQHfNDlt6xQM3EYGgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-b95loQHfNDlt6xQM3EYGgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTDMX_H8vVsAgemPT3ICACLXxGC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://marfaa.devlif.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame C1BB 9 KB
4 KB 75ms
24ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 29183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:17:52 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:17:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 70ms
39ms XHR
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a7nexZ8IgjtI6uQ3ec_CTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a7nexZ8IgjtI6uQ3ec_CTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTDMX_H8vVsAhuWfV7IBACLOhFx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://marfaa.devlif.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 70ms
40ms XHR
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjUDi_GLxdcf4ee-NOsshlVptjdw5LWkmLicCwzyR1aRw1FURaVoxdeC2J7diqqsP5qkjrLm-PNgAFqsJm_07_c07LFGEJXD1E9PoFsbsI8e6NnMq3kfQFPapYV4tLhhPZqWn43Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_JAu7vK7seYNE7zzU_iqLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-_JAu7vK7seYNE7zzU_iqLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTDMX_H8vVsAg9ubljEBACMARGR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://marfaa.devlif.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWE5rBcS4UBJ9EQH0bHD-Rd6lMSR9eqNY-Yfd_0xN2hWr9qbkGqmO0Dch4Rm1dbz1-jnRPkcz8mQfFBzeZARKADLS2X5mKQLtEedXezfM9WVWxI5B3gGpNtgBuI5Kyt3H9zZzHxBg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
76ms Script
application/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWE5rBcS4UBJ9EQH0bHD-Rd6lMSR9eqNY-Yfd_0xN2hWr9qbkGqmO0Dch4Rm1dbz1-jnRPkcz8mQfFBzeZARKADLS2X5mKQLtEedXezfM9WVWxI5B3gGpNtgBuI5Kyt3H9zZzHxBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODI1MDU1LDU4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tYXJmYWEuZGV2bGlmLmNvbS8iLG51bGwsW1s4LCJGODhYYmhxTG9qUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dadbe5bddeb0181ca720feae2f53f7ad152b248177cecbed997471bc418a6072

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QReQ2wmUgmzNymTCauaFLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-QReQ2wmUgmzNymTCauaFLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDMX_H8vVsAgsmf1zJBAD_Dy1K"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 205F 6 KB
3 KB 70ms
0ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 15:24:14 GMT
expires: Fri, 07 Mar 2025 15:24:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
101ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403050101&jk=3808456667523&bg=!CAulC0TNAAZsmiNCTJo7ADQBe5WfOK1_zrZ0RgNdiEcbrSvBGvj8-UBg-7PuWSu5mt8nPvS_pp141t6pYHuRrmEaADadAgAAAHVSAAAABmgBB5kC0DuWIDMXg8Yg-EBs54tEkcBkgvhDnD4v5rRaZ_g-r_9foY-icaygRTxRMdlBsk-Qg7j5jsFXkUbrrWTHo4KBGYSaNT_5ilWIYH9fp0qPd_6HPUeIVMUbez7dkJtwdZgMllUORRDiZK7K8t5fBE4LQXk3ERX4eRv4vPhEISJ6ykZkmc3cf9FJG4iBIRRDo60vOurSGkBXAykfh-uGFmVxxIwc-G_aFlbC2No6qY_CUyetAi6LutSUE2R3pcleAiDjRv4g1jo5fijTRQFsjYx89VqviDITW1sJ-_cIpGb517UVyRLPawYBvMmBaEL6Kef9AIwLqocvfuRiAzHRSuOHlcCRqLtg5TcwEiETerJO3dMsH6abJ9cuEiPskj3W2YfllRkJVaxSeWKcFFFdefLYBcJkciNcYf4Dkvt2FH8TYgju2gBmXNvpH_5DKaWsS2JKYvIWQvUCW0t0Q9ObfmsXnKy_o2wM6AjcQhGCcL0KPepge4s00Gtnjz5fo_a0djYo9CUa9IErLnVFtNaGlQwgYCt-Sd9Y1BiDY8ILbKRh4shj7PCt2ywScYTb0JdJYS7K1t-_RyoO6esHM9flDh3_Swuv0ebJKjCsvlTK9PIv_MsmDr0_Gya3G8xSQa88VuCLHaZHdro-H_fqrzYYHdtT2Rl5EH-W864-GgiRAi8yLprYoFuf-B-Gnu15vLOwLhNRlAXfQKep-zCL3Hi4dhNhhXPkhUVfHBLLLzI552kh-c-1oLFkyKnlSD6Qn3Pvh2w-TaVenQRtMRm--lD-nO3PCE5yMqLUeI_5FPlEHepj4SOaEbdw5KKSdnGMmlZN7qwd_YhxjiUpDaEQdr2UgFBDSfCskAnCemH2PYUWRCocPMiKMOvNAw6bufQ5RxmNNnryE-zG_BJDWSinVsfydb3lgfh3gTlMEQ-dh34dx-9FbMBgGpkWKcyyu70oYP0VlMNcpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marfaa.devlif.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

POST
H3 204 AGSKWxU77yp3aU-vMjThgXyWCuqL2KwmhHz3rEo9CUjgOiniNaqSJsn-67NhYxD0kqRuEZ0u-d5DOM0PuHs2KkdbFLGKWpNMQt_XoC7OeSN93l57fTn2SE2iNkaTZ0mo54CtQGJjkvjZ5A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 75ms
52ms XHR
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU77yp3aU-vMjThgXyWCuqL2KwmhHz3rEo9CUjgOiniNaqSJsn-67NhYxD0kqRuEZ0u-d5DOM0PuHs2KkdbFLGKWpNMQt_XoC7OeSN93l57fTn2SE2iNkaTZ0mo54CtQGJjkvjZ5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O6UDfWch6X47V0Iih1PXpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marfaa.devlif.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O6UDfWch6X47V0Iih1PXpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrEFALMTDMX_H8vVsAgvePX7JBACMahHh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://marfaa.devlif.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 295E 0
0 99ms
82ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrtChHtzpZbfGJenhj-8Pn-OHmAXamImHa8-ppu-ODsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTM0MjMwODU1NDUyOTYyMzHIAQngAgCoAwHIAwKqBIsCT9DNZzqErm_2FGJx4qfn9ecSBt_b4WbSbuM8ebd1Yz2WuKT1cZ0hYnwphhIoXLj_LZRquvbqeiuNhNyCaEPSXso2y3qUH0FYy8HyuSySILotY-yuXXxSzfolSWHIUzio4kkefO9Nv-JZdmERBpfhwCvlWWvGRTCQoETpIyk9BtOI7zw_5Sn9kZE1OKDmgO6ijLxkMob2uRq_gwHr-lvp8sBeflNca7-JxdydPHMxAibD6-WbKBhwDKyjKFmcCPBxGNm-8oom7jw0aU0FudT4aQP2i7w8U3_Np0mG3SqqkahCXzNPVkckkXtHE7sc3Xp9V9yXwGGm_4lGFM8AwriaJaeRufSq_Y5DpWCA4AQBgAaIuPuag4fHpT6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOlijmofYuuKEA4AKA_oLAggBgAwB4g0TCIPOh9i64oQDFenw4wcdn_EBU9AVAYAXAbIXHAoaEhRwdWItMzQyMzA4NTU0NTI5NjIzMRj_-R0&sigh=EHTna8zlcbA&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqh03FmaoekmF5ZRryGxH9YjLZ1ylwz-I1Ncd8RfOGoyjF1mVcT9TRGOU5HOKsOzfqAdpseEeFf85V2ms8HAFHY0V2eCf8-qFVYhgB&cbvp=2&vis=1
Requested by: Host: 597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
URL: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 win
8proof.com/app/ Frame 295E 0
44 B 202ms
57ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=741382739153&ap=ZencHgAJYzcH4_DpAAHxn3bKLYo_xRKQkHKUJA&brid=g00z5kC1ElySEcrMqZgcrA&t=b&cbvp=2
Requested by: Host: 597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
URL: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:24:15 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 695A 13 KB
13 KB 80ms
20ms Font
application/octet-stream 2607:f8b0:4004:c06::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/
Origin: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 14:57:48 GMT
age: 1587
x-guploader-uploadid: ABPtcPpD5kfmJpNkhW0gB1fdalfUB9Is0mefo5A5NDqcQ3sx-hz9gUYX0d6F--1PnJgbfv-ShY4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 07 Mar 2024 15:57:48 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 695A 12 KB
13 KB 76ms
16ms Font
application/octet-stream 2607:f8b0:4004:c06::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com/
Origin: https://597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 15:12:17 GMT
age: 718
x-guploader-uploadid: ABPtcPrRIHYLi6pXTqEapUOTSpyCdmWMbjs6-GIcjxL2a0ZPpl-XEkXLyfVhF4O6r4I-nr5s2e3JYtjFwg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 07 Mar 2024 16:12:17 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.devlif.com/	1970-01-21 04:18:41	Name: __gads Value: ID=7697a36a9a8a4dd1:T=1709825054:RT=1709825054:S=ALNI_MZYQmT2OlFtPGkMu60NRhYU5IVIuQ
.devlif.com/	1970-01-21 04:18:41	Name: __gpi Value: UID=00000dd00aa1d36c:T=1709825054:RT=1709825054:S=ALNI_MbCdDs74DObnLh5OOn81ePBsp8QVg
.devlif.com/	1970-01-20 23:16:17	Name: __eoi Value: ID=75827cff95b4eb09:T=1709825054:RT=1709825054:S=AA-AfjbygqwgQrbFFZ1xkiMDuVZU
.devlif.com/	1970-01-21 03:42:41	Name: FCNEC Value: %5B%5B%22AKsRol8X3WEDsTi6QADYUvFlHjlIwEjb5QcE8jx9ZrgVXkfutXQR2FuGyikY9Cm9BBtPZqnMDVFzh9B-ImiEJAO1SbD76x65oc2jy2yc3ChoQeLs0Tyn16tGe0RgQf-pQzGnwiyB1YhbsRFauRz-fXhzcqd-9D-2pA%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-21 04:33:05	Name: IDE Value: AHWqTUm_u-ROiVNWwzof7_ycW-VOZbQbg2GY6Mi9YTBJJVDjyEluf6XINvfIoQ3zXsM

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://marfaa.devlif.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://marfaa.devlif.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://marfaa.devlif.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://marfaa.devlif.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://marfaa.devlif.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

597211892979fcd253bf53829e529997.safeframe.googlesyndication.com
8proof.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
marfaa.devlif.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
www.google.com
2607:f8b0:4004:c06::6a
2607:f8b0:4004:c06::cf
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9c
2a02:4780:1e:29f3:7994:db24:c001:9387
52.116.53.150
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0aba0daa6c58c12f4f57f51374bf55afdd45bf908b3ed9c1185dfb9f125003ed
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
407df4b37b913d4920b0fed76a96d60144b7f3a865afe2d71ff7e51aee262351
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55544fdf1021028ad048204ff7854b6fc9954d5a7683aacaa724672353ca8604
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a2d89576194f17de9939bcabec878853ed202b9c974b4dac1293d52825d288
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
acf4fbf7e5c94bc3cf5a54018f01b0cb6b6587304209ab5d4745c40518b3efec
b21a653d9f5f77707d5a8e4623ee04ca855a141c0e4752d3c8498cb493d63e77
b7bac01c12d809391527011ea3e1b5d850dc83e74237507dfb523d954bace93f
b9abf304fe87c4a4b338f6b16f1b0e1f346a1adf2e131e984d42088bbc3b0e54
ba068b668bc810ec47d52ffc4e125026bd02d2c2c8d04ddcf6dac54bc91987a6
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
c8c034f29de35274056310b9075c0635a47ee378d09187ed278a3b83e836107c
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
dadbe5bddeb0181ca720feae2f53f7ad152b248177cecbed997471bc418a6072
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

marfaa.devlif.com Open in urlscan Pro 2a02:4780:1e:29f3:7994:db24:c001:9387 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

89 %IPv6

6 Domains

10 Subdomains

10 IPs

1 Countries

464 kBTransfer

1371 kBSize

5 Cookies

2 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

marfaa.devlif.com Open in urlscan Pro
2a02:4780:1e:29f3:7994:db24:c001:9387 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

89 %
IPv6

6
Domains

10
Subdomains

10
IPs

1
Countries

464 kB
Transfer

1371 kB
Size

5
Cookies

35 HTTP transactions
0 data transactions