urlscan.io logo urlscan.io
SecurityTrails logo

hab.sifanoro.com Open in urlscan Pro
109.70.148.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.hab.sifanoro.com/
Effective URL: https://hab.sifanoro.com/
Submission: On February 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 66 HTTP transactions. The main IP is 109.70.148.62, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is hab.sifanoro.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 17th 2024. Valid for: 3 months.
This is the only time hab.sifanoro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    109.70.148.62 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: greyhound.hostns.io
www.hab.sifanoro.com
hab.sifanoro.com
2    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c08::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2607:f8b0:4004:c06::65 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2620:1ec:29:1::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
5    2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2600:1408:5400:7::170c:9225 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
1    2607:f8b0:4004:c08::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
385 KB
17 sifanoro.com
www.hab.sifanoro.com
hab.sifanoro.com
215 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659
www.google.com — Cisco Umbrella Rank: 2
71 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 65
17 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1940
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1480
30 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
33 KB
3 gstatic.com
fonts.gstatic.com
48 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
2 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4545
31 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
245 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
93 KB
66 11
Domain Requested by
16 hab.sifanoro.com hab.sifanoro.com
12 pagead2.googlesyndication.com hab.sifanoro.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 tpc.googlesyndication.com hab.sifanoro.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 nym1-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com hab.sifanoro.com
1 www.google.com tpc.googlesyndication.com
1 cdn.adnxs.com hab.sifanoro.com
1 adsdk.microsoft.com hab.sifanoro.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com hab.sifanoro.com
1 www.hab.sifanoro.com 1 redirects
66 15

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.candidthemes.com
Subject Issuer Validity Valid
hab.sifanoro.com
cPanel, Inc. Certification Authority		 2024-02-17 -
2024-05-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-01-08 -
2024-07-06		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://hab.sifanoro.com/
Frame ID: 15DF737C6860E7817C87C844BE3AA54E
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 7E77D9251E2A461BBA9FEBD06B498C8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9466362027422135&output=html&adk=1812271804&adf=3025194257&lmt=1708210347&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fhab.sifanoro.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210347011&bpp=4&bdt=878&idt=247&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6780239304185&frm=20&pv=2&ga_vid=484174178.1708210347&ga_sid=1708210347&ga_hid=31390762&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081189%2C95324581%2C95325069%2C31081219%2C95321867%2C95324155%2C95324160%2C95325078&oid=2&pvsid=40976374770688&tmod=1665648942&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: D2D8B03AD75BB7AB9A427935E411B047
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4CB7745D3F98628A64D31AC3DA69E5A
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 5B0118D1CE1F43DB573ADDF4FC8F4F05
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15ED1A6129AF692C8C54DDD971642636
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07346FCA33E50B3823FE122CB6D36304
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hab sin

Page URL History Show full URLs

  1. https://www.hab.sifanoro.com/ HTTP 301
    https://hab.sifanoro.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

66
Requests

95 %
HTTPS

77 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

924 kB
Transfer

2636 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hab.sifanoro.com/ HTTP 301
    https://hab.sifanoro.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87-bd9b-363d17522155&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd345f192daaf44ebb566723f1a687d2e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=3076739186509404249&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d345f192daaf44ebb566723f1a687d2e&SNR=1&GV=2&med=10
Request Chain 64
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87-bd9b-363d17522155&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd345f192daaf44ebb566723f1a687d2e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=3076739186509404249&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d345f192daaf44ebb566723f1a687d2e&tids=15000&med=10

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hab.sifanoro.com/
Redirect Chain
  • https://www.hab.sifanoro.com/
  • https://hab.sifanoro.com/
105 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed / PHP/7.4.33
Resource Hash
36f2840a6b0bfd5079dc22329ff6754c006affd611b4f1244a58c44b60289d1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 22:52:25 GMT
link
<https://hab.sifanoro.com/index.php/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 22:52:25 GMT
location
https://hab.sifanoro.com/
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
style.min.css
hab.sifanoro.com/wp-includes/css/dist/block-library/ 		108 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 19:02:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13600
expires
Sat, 24 Feb 2024 22:52:26 GMT
css
fonts.googleapis.com/ 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.3
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afe98f8b8845ca7a1b92397e5a310c0a88b8c1bd2f55c58a813bdd9792114085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 22:52:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 22:52:26 GMT
css
fonts.googleapis.com/ 		4 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc3f0979e101efe27fcee670fe0fa77355e102e5f42680028ecd56d32b3089f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 21:48:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 22:52:26 GMT
font-awesome.min.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6662
expires
Sat, 24 Feb 2024 22:52:26 GMT
slick.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		2 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
493
expires
Sat, 24 Feb 2024 22:52:26 GMT
slick-theme.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		3 KB
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
773
expires
Sat, 24 Feb 2024 22:52:26 GMT
style.css
hab.sifanoro.com/wp-content/themes/fairy/ 		103 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/style.css?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16957
expires
Sat, 24 Feb 2024 22:52:26 GMT
jquery.min.js
hab.sifanoro.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Sat, 24 Feb 2024 22:52:26 GMT
jquery-migrate.min.js
hab.sifanoro.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Sat, 24 Feb 2024 22:52:26 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WR4W6MNF
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
638a7002e03d7b0dd89a369d8997a8a7d2f7558b03c22950a4feea6842a46d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94970
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 22:52:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4104381f660e261e004d9191b69030554d2e256f3524479b12dcb88263f36e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
Origin
https://hab.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51201
x-xss-protection
0
server
cafe
etag
16443963827690268753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 17 Feb 2024 22:52:26 GMT
f044eac9-a8af-4f02-b19a-40903f05ef88
https://hab.sifanoro.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://hab.sifanoro.com/f044eac9-a8af-4f02-b19a-40903f05ef88
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
navigation.js
hab.sifanoro.com/wp-content/themes/fairy/js/ 		3 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/js/navigation.js?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
988
expires
Sat, 24 Feb 2024 22:52:26 GMT
theia-sticky-sidebar.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3411
expires
Sat, 24 Feb 2024 22:52:26 GMT
slick.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 		90 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14940
expires
Sat, 24 Feb 2024 22:52:26 GMT
imagesloaded.min.js
hab.sifanoro.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Fri, 11 Aug 2023 18:18:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1687
expires
Sat, 24 Feb 2024 22:52:26 GMT
masonry.min.js
hab.sifanoro.com/wp-includes/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7117
expires
Sat, 24 Feb 2024 22:52:26 GMT
custom.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1543
expires
Sat, 24 Feb 2024 22:52:26 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hab.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:25:40 GMT
x-content-type-options
nosniff
age
242806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 03:25:40 GMT
fontawesome-webfont.woff2
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Origin
https://hab.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
last-modified
Sat, 17 Feb 2024 19:54:08 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77160
expires
Sat, 24 Feb 2024 22:52:26 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hab.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:55:51 GMT
x-content-type-options
nosniff
age
125795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Feb 2025 11:55:51 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hab.sifanoro.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:51:18 GMT
x-content-type-options
nosniff
age
244868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 02:51:18 GMT
wp-emoji-release.min.js
hab.sifanoro.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hab.sifanoro.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.70.148.62 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
greyhound.hostns.io
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:26 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Sat, 24 Feb 2024 22:52:26 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bc2a6e1f5ee6c31781e0b037984e25e47da9ca32682b8208291366d6bf4755f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141258
x-xss-protection
0
server
cafe
etag
6468874936804302184
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 22:52:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 7E77 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 19:16:02 GMT
etag
3890843268177463596
expires
Sat, 02 Mar 2024 19:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P458M37XVJ&gtm=45Pe42e0v9177933070za200&_p=1708210346471&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=484174178.1708210347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708210347&sct=1&seg=0&dl=https%3A%2F%2Fhab.sifanoro.com%2F&dt=Hab%20sin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3268
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WR4W6MNF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hab.sifanoro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D2D8 		84 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9466362027422135&output=html&adk=1812271804&adf=3025194257&lmt=1708210347&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fhab.sifanoro.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210347011&bpp=4&bdt=878&idt=247&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6780239304185&frm=20&pv=2&ga_vid=484174178.1708210347&ga_sid=1708210347&ga_hid=31390762&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081189%2C95324581%2C95325069%2C31081219%2C95321867%2C95324155%2C95324160%2C95325078&oid=2&pvsid=40976374770688&tmod=1665648942&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
018da23a9f13dd5042bd624238bcd1f017b0cbba6339069a2a7a009311fc7d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 22:52:27 GMT
expires
Sat, 17 Feb 2024 22:52:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/reactive_library_fy2021.js?bust=31081219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a37c1ae4753e4d5dc3902ba4737a44d813eb4891ee26ca8c94b0e4a089068f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57027
x-xss-protection
0
server
cafe
etag
17682139086828942473
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 22:52:27 GMT
ca-pub-9466362027422135
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9466362027422135?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
457895dffcacf56d61e8ef4b25a9fa4cdca4429f3424cf8a1cbc4bb9ae7a804d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VO2nhgs8g03xiZnX1jXb8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VO2nhgs8g03xiZnX1jXb8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6ONR-PrGMTePFuDjsAnYVESw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/slotcar_library_fy2021.js?bust=31081219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59b80782ed79e574293cde378d8f0a42ef167cf5cb07cf944b34761e632b0ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32108
x-xss-protection
0
server
cafe
etag
6677795335538993937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 22:52:27 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9466362027422135&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame C4CB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 10:20:04 GMT
etag
3890843268177463596
expires
Sat, 02 Mar 2024 10:20:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxW652Q5Fnf7SQbn3JVmluy6JYXIE2YNFqOv6zE55dAjQoUSZQoKqImx6QNO8qSx1lk1wlUkyT4qEco7WZRROjTSmDUYkYXgccrTKAI_CQoX11aZXXRSdKK05cWfe4eG9wZCPZzuog==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW652Q5Fnf7SQbn3JVmluy6JYXIE2YNFqOv6zE55dAjQoUSZQoKqImx6QNO8qSx1lk1wlUkyT4qEco7WZRROjTSmDUYkYXgccrTKAI_CQoX11aZXXRSdKK05cWfe4eG9wZCPZzuog==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMzQ4LDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oYWIuc2lmYW5vcm8uY29tLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f388048df43af18022331a39e86b4bb8c0b5222a1e82600082f07a78cab67979
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wfhx5hikwoDZfx57gxu4sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wfhx5hikwoDZfx57gxu4sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6ONR-PrGMTWLB_vR8AoJBENQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 5B01 		93 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 17 Feb 2024 22:52:28 GMT
content-encoding
br
last-modified
Tue, 06 Feb 2024 16:37:22 GMT
content-md5
C6lJlGRJVBUbmTJ6Tx03Gw==
etag
0x8DC2731E4AD9FE3
x-azure-ref
0rDjRZQAAAAAfUGO+oRoqTZI1Spi23PMRTU5aMjIxMDYwNjEyMDQ3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7e24cba6-c01e-0097-683e-615cc7000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/241/ Frame 5B01 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/241/trk.js
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires
Thu, 13 Feb 2025 03:22:46 GMT
Date
Sat, 17 Feb 2024 22:52:28 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
329382
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27925
X-Served-By
cache-lga21980-LGA, cache-yyz4543-YYZ
Last-Modified
Wed, 14 Feb 2024 03:22:23 GMT
Server
AkamaiNetStorage
X-Timer
S1708210348.243518,VS0,VE0
ETag
"0a80c859b54b27e94d766577dcd37bc5:1707880943.060178"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
42, 117022
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5B01 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 16:59:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
21205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 16:59:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5B01 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
13546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 19:06:42 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5B01 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: hab.sifanoro.com
URL: https://hab.sifanoro.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:35:57 GMT
c.gif
www.bing.com/aes/ Frame 5B01
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d345f192daaf44ebb566723f1a687d2e&SNR=1&GV=2&med=10
0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d345f192daaf44ebb566723f1a687d2e&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:1408:5400:7::170c:9225 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 52422C351F4448C0B635F3D17FCA6EAE Ref B: BL2EDGE1808 Ref C: 2024-02-17T22:52:28Z
x-cdn-traceid
0.25422417.1708210348.20b752dc
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 17 Feb 2024 22:52:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D320DE9FE4F44A15AD1B877E576D6F57 Ref B: BL2EDGE2206 Ref C: 2024-02-17T22:52:28Z
x-cdn-traceid
0.25422417.1708210348.20b75289
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d345f192daaf44ebb566723f1a687d2e&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 5B01 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7971488416517_1YP1OK21NFATVQ58CM&pid=21.2&c=16&roil=0.3177&roit=0&roir=0.6823&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:7::170c:9225 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d1fe17a123a6e2690721e9f55f3e96f5a3f77d820e104150f32cd38cea03f177

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.25422417.1708210348.20b75288
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
15450
alt-svc
h3=":443"; ma=93600
rd_log
nym1-ib.adnxs.com/ Frame 5B01 		0
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fhab.sifanoro.com&e=wqT_3QLpA-jpAQAAAwDWAAUBCKvxxK4GENmwq7PSv7HZKhgAKjYJCIDJ0FbPkT8RdnLnJIKPkT8ZAAAAwB6F8z8hdg0SACkRJMgxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4AIABAYoBA1VTRJIFBvDtmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhhodHRwczovL2hhYi5zaWZhbm9yby5jb22AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFyrjMgrS_zPQxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFg6Ao-gUECAAQAJAGAJgGALgGAMEGAAAAAAExKNAGwo0E2gYWChAAOgEAbBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkRKwEkDNoHBggFCaDgBwDqBwIIAPAHjYWHA4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=f0870d88b622659814b6f0a1e93acfa819f329ba&bdref=https%3A%2F%2Fhab.sifanoro.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fhab.sifanoro.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9466362027422135%26fa%3D3%26ifi%3D2%26uci%3Da!2%26btvi%3D1,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240215%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:28 GMT
an-x-request-uuid
61d1d9cf-2a60-4018-b4f6-dfbc02357fcc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 5B01 		0
680 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhab.sifanoro.com&e=wqT_3QKjB-ijAwAAAwDWAAUBCKvxxK4GENmwq7PSv7HZKhgAKjYJCIDJ0FbPkT8RdnLnJIKPkT8ZAAAAwB6F8z8hdg0SACkRJMgxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4AIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhhodHRwczovL2hhYi5zaWZhbm9yby5jb22AAwCIAwGQAwCYAwmgAwGqA7YDCswCaHQJLvCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTM2MTNlMTc0LTg0MGUtNGY4Ny1iZDliLTM2M2QxNzUyMjE1NSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAGxfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTMzA3NjczOTE4NjUwOTQwNDI0OSIJMzgxODQ2NzE0KgQhafDeOjhVMlZoY21Ob1FXUWpOelk0TWpnMU5qVXpORGszTkRjak1qTXlPRFl5T0RFNE9UQXdNRFk1T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXKuMyCtL_M9DHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWDoCj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi1jgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQM2gcGCAUJrOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=252d3689648694552a110af6fd2727d956dd0727&type=nv&nvt=5&jm=1003&sid=2309523541851897613&vd=ct~0|rr~0&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:28 GMT
an-x-request-uuid
0a87efba-3842-4db0-b1b7-c2f8d7d68cf8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a5be79b8c932028f14780db4e40a063803f5fddf5b40d595cacea88b3d48c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12294
x-xss-protection
0
truncated
/ Frame 5B01 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab5fbe63ee0785bb10ce8ca992371098297e54a2c9814b6c7a704ad0fc36d59a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 5B01 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTEcnqzjRZeulFPPjo9kPnLm7uAbS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTk0NjYzNjIwMjc0MjIxMzXIAQmoAwHIAwKqBOgBT9D-LJAItBYq2KeJp7eTnUDDGYu6rSa0eFLKUO5kFMtoEQiICoM4xcsvMkUyeoIk8Wa7vk1ztrZGjLgTHgy4BwPzilJJ1CFK4PZeN0yWsEdRGRceOSPujclhtO5qWgFltv3cqf1PCBprWPLEaVj4TlSe6oU5RqOmkPADYyhs72OoEx657EJPEZ0OK6w9y7K5CSiu44sr3r1uzroaTD-zGOjBR4F8o3eVCVTZgCLcZBnui8btjaSsvvte0dF3Jj7nEIoYCdSOCJjVJzD-XnF6mKfe5XkZWTXWKawgkVzbBN4AnfXpxyjYh4AGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WNPl0Le7s4QDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0NjYzNjIwMjc0MjIxMzUYAA&sigh=7kwN3HY9SIw&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_3jAmShYUbRkhNChWBuaCVJm9elr9cM9xHktVoOSb6sG86BG3EOuhgw4gMRx5kzq35ExGrnVWwjI4wPstrjfzHaaHsELjNOPMZBgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 17 Feb 2024 22:52:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Feb 2024 22:52:28 GMT
it
nym1-ib.adnxs.com/ Frame 5B01 		0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhab.sifanoro.com&e=wqT_3QKjB-ijAwAAAwDWAAUBCKvxxK4GENmwq7PSv7HZKhgAKjYJCIDJ0FbPkT8RdnLnJIKPkT8ZAAAAwB6F8z8hdg0SACkRJMgxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4AIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhhodHRwczovL2hhYi5zaWZhbm9yby5jb22AAwCIAwGQAwCYAwmgAwGqA7YDCswCaHQJLvCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTM2MTNlMTc0LTg0MGUtNGY4Ny1iZDliLTM2M2QxNzUyMjE1NSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAGxfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTMzA3NjczOTE4NjUwOTQwNDI0OSIJMzgxODQ2NzE0KgQhafDeOjhVMlZoY21Ob1FXUWpOelk0TWpnMU5qVXpORGszTkRjak1qTXlPRFl5T0RFNE9UQXdNRFk1T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXKuMyCtL_M9DHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWDoCj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi1jgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQM2gcGCAUJrOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=252d3689648694552a110af6fd2727d956dd0727&pp=ZdE4qwAFEusFKPHzAA7cnNYk3BdTs0V2NCnNYQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5vXYqzjRZeulFPPjo9kPnLm7uAbS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTk0NjYzNjIwMjc0MjIxMzXIAQmoAwHIAwKqBOsBT9D-LJAItBYq2KeJp7eTnUDDGYu6rSa0eFLKUO5kFMtoEQiICoM4xcsvMkUyeoIk8Wa7vk1ztrZGjLgTHgy4BwPzilJJ1CFK4PZeN0yWsEdRGRceOSPujclhtO5qWgFltv3cqf1PCBprWPLEaVj4TlSe6oU5RqOmkPADYyhs72OoEx657EJPEZ0OK6w9y7K5CSiu44sr3r1uzroaTD-zGOjBR4F8o3eVCVTZgCLcZBnui8btjaSsvvte0dF3Jj7nEIpaC_UcyjwvSqQEKsTkwSNo4VoT3Tz4MXWCFwVfuF4qse0pRsq1E4l32IAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WNPl0Le7s4QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2PY3f3mwq9VHvy76sWJR-LFqgtqQ%26client%3Dca-pub-9466362027422135%26adurl%3D&cbvp=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:28 GMT
an-x-request-uuid
cba5a40e-049a-494d-affb-b4eb8e283d65
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 22:52:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15ED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
33957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 13:26:31 GMT
expires
Sun, 16 Feb 2025 13:26:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0734 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19adc4a55ecbc2288bef9222e072e5e80f78752791cf4efe86030a97afadb734
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QTce7U3oqQphKoJSlXzo0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hab.sifanoro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QTce7U3oqQphKoJSlXzo0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 22:52:28 GMT
expires
Sat, 17 Feb 2024 22:52:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
slider.ad.
fundingchoicesmessages.google.com/f/AGSKWxVASrojwp4HqMecmyTLewfENSwGt8HCi9T7uyvv-8GjEZfsRxIMv0TeGu-u3KytoJXO4-l8NO8IQAsMQKgH3rETPka7KGLiDaQHld3MrTsy3GHmrdzQdYT9qLfcnu3SJDNBzWCOge1YrwZDppFgdWKlF0bGS... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVASrojwp4HqMecmyTLewfENSwGt8HCi9T7uyvv-8GjEZfsRxIMv0TeGu-u3KytoJXO4-l8NO8IQAsMQKgH3rETPka7KGLiDaQHld3MrTsy3GHmrdzQdYT9qLfcnu3SJDNBzWCOge1YrwZDppFgdWKlF0bGS9v5Z38VIvFpjAgbDm3kMNjZYzhIaRwP/_/adview_.ad_home_/images/adv._ad_server./slider.ad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87b3aaa273d83e411e0068f909570dca37d520b93d3bf0276b329549d4a6bed3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RL6W9BcxbwtFGv1uhzXCcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-RL6W9BcxbwtFGv1uhzXCcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6ONR-PrGMT2PFzwUxmAOLqRME"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 17:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
20163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 17:16:25 GMT
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WCDj9a17LHA1LxeESKZZmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-WCDj9a17LHA1LxeESKZZmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XCs-XhkHZvAiYY1O5kBBfQYrQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hab.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 15ED 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 12:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
124588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 12:16:00 GMT
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2t5UGaud_8d-NlCfUrZuHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-2t5UGaud_8d-NlCfUrZuHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XCs-XhkHZvAhx8ndjADAAaCGV4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://hab.sifanoro.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OpjsYRneUvC5fICI0W7zxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OpjsYRneUvC5fICI0W7zxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XCs-XhkHZvAgyMvdzADAAYDGTw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://hab.sifanoro.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TKnQt2wFy0bwTJKWpfl7kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-TKnQt2wFy0bwTJKWpfl7kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XCs-XhkHZvAjYaTO5gBAf8Yxg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hab.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVrgpf4dQlUoHiH0tS4kQcrhhnxYDiaSM7wNJlwBPPzG5z9Cj5-Ap2equ57scfLKDOU_tMSWlr-Kdn6UJKRAhsKBJ-EAjLVYKr36h0nnkNhnoqECiOO7_WIgjyvPpn8aI3p_0cAEA==
fundingchoicesmessages.google.com/f/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVrgpf4dQlUoHiH0tS4kQcrhhnxYDiaSM7wNJlwBPPzG5z9Cj5-Ap2equ57scfLKDOU_tMSWlr-Kdn6UJKRAhsKBJ-EAjLVYKr36h0nnkNhnoqECiOO7_WIgjyvPpn8aI3p_0cAEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMzQ4LDg5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaGFiLnNpZmFub3JvLmNvbS8iLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2be0bb4ae4ebc787f3dfa9b336144bd74e65d2101413c30b9befc4513081b065
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q7y2iV-9b1otvg72Sxj__w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-q7y2iV-9b1otvg72Sxj__w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6ONR-PrGMT-PD02T5mAOL0RU0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0734 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=40976374770688&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 15ED 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zcP3Vw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
AGSKWxWPuvBP-j7Tiw9KmQVs0Y7Mq-PD7GLD0F6u86CTJ_uBrskpI0UasDCuxWHbrpJZu2Bxaby9QAJFjQ2T_T4qeC8AyNE42OR-0b5GZJvBTTb_3iEVQEA161lAFiyZOzM8MBhbz71ZqQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWPuvBP-j7Tiw9KmQVs0Y7Mq-PD7GLD0F6u86CTJ_uBrskpI0UasDCuxWHbrpJZu2Bxaby9QAJFjQ2T_T4qeC8AyNE42OR-0b5GZJvBTTb_3iEVQEA161lAFiyZOzM8MBhbz71ZqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMzQ4LDk2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oYWIuc2lmYW5vcm8uY29tLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f9fea49ed780b05a93acff0476a7d1a026d74f942afe3a213e20b44031ddf3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CTJCWxE9eZqa0y_IuhGT1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 22:52:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-CTJCWxE9eZqa0y_IuhGT1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6OtR-PrGMTOPBjOzMAl7pEPA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUcNU1BCcKl14HcppZomEeHtc4jLdGsyIs4Yeq_rc_kBIt8b0JGdtMeYvcxllKT7GSHXiWRXBlAGAPFR5uMyYS1b6qPVLAYLEUyzeB4zlpjVYc02k8wKZ-2zCSNHNT378f2QNn8Jg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUcNU1BCcKl14HcppZomEeHtc4jLdGsyIs4Yeq_rc_kBIt8b0JGdtMeYvcxllKT7GSHXiWRXBlAGAPFR5uMyYS1b6qPVLAYLEUyzeB4zlpjVYc02k8wKZ-2zCSNHNT378f2QNn8Jg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FJ7GD5LfaLArzuB0b546Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FJ7GD5LfaLArzuB0b546Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXOs_XhkHZvAhofL5QDtFxhS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hab.sifanoro.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ml8HBl4WFb05wV0lyFX_4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hab.sifanoro.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 22:52:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-ml8HBl4WFb05wV0lyFX_4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXOs_XhkHZvAhAez5AHobhgU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://hab.sifanoro.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=40976374770688&bg=!cHOlczzNAAZN4L4YbeA7ADQBe5WfOElqrgr3WBO8kV7OYs7Vr0SMVnWIDlyS3cly5M4afN-7oYbUWcBSFssqCpEVfRdqAgAAAGFSAAAAAmgBB5kCtdX8rPGMy7P9UK_GVA60cKzrWa_9UrNj9wQpahbcfyRmGl7dmZIexO1HBWuSq73gRnjTzd345rfwB0Z4iThYtZmED-RBdsrUdSIYVrVc1YV1Vu6NLnAfO08fBN2DN-ag4QTcLxK9fq36zRyCMkbnKoZS0nGUtl_dJy0pi9XRs75b8xwknpXYFJYqTdz4mbsaJKIva_qX6o8jh4fH_ZZveCpzWOqzLDD8w-8NuCyoDnHDPMcDTTnSLYyIKqb8V7x-a0Nxs2koXmvRUDoDXpZM8G4sS9UduboRzqHbmtj61vqZThKKXFvhLtIBp50H8q39JlllhwhT9ubClNp-k1Ww4WzP-6Ka0q9TkQ-akQ2gPIfdUv7mJ7_AWPganqcMGlUyo49Li6XvnjKjiDWIYlXookmpNNH2NysmPOctx6WpGuWSioE7u_YQZuZZ19dxXrh8OVQrpxp5g0UkVY-TjjFeSR-zq7CJlXqsaQ064BJfjssG2TH9i-P2ef_iDFRv68hi0HwhPwVEgxVOCQKrGR5ADNTrSkqj6FPcwiIgBYLkq-XrgK32Pa8Zdb7sOrH1j2BmBrFLuB4A8F-gPMEkackJGhEKh1Mb0UI-ovyssXXrmx6R-3buqVvWwz9REdIltaVBS247GFFb715VlxPp-H8Mb41bA5sH4dJ7AQUlaSZ14ANlFnwc5Fbpf49PnuKg3xD6GVBBUH2kBdoDQe25qG3sf9YDwpVU3L8T8GxiGdbkGgS4hDiHgJbW3J580mgRKP6fNMO05jsNzy7FHJfNF8Vnb8ggnS9XtXG6tDIWiMlvEQe8GxYX-KTNiv-sw54JwMQZP6c3GRvb1D1vJFj1nGGikZGJ_85Ps9Z1tOvOoVlDC_-MLBvl4phsiqPmTrq-MEkcOsSU3lzZjvXCkMzbDIzdU6kxM-bnJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hab.sifanoro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
vevent
nym1-ib.adnxs.com/ Frame 5B01 		0
679 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhab.sifanoro.com&e=wqT_3QKjB-ijAwAAAwDWAAUBCKvxxK4GENmwq7PSv7HZKhgAKjYJCIDJ0FbPkT8RdnLnJIKPkT8ZAAAAwB6F8z8hdg0SACkRJMgxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4AIABAYoBA1VTRJIFBvBemAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhhodHRwczovL2hhYi5zaWZhbm9yby5jb22AAwCIAwGQAwCYAwmgAwGqA7YDCswCaHQJLvCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTM2MTNlMTc0LTg0MGUtNGY4Ny1iZDliLTM2M2QxNzUyMjE1NSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAGxfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTMzA3NjczOTE4NjUwOTQwNDI0OSIJMzgxODQ2NzE0KgQhafDeOjhVMlZoY21Ob1FXUWpOelk0TWpnMU5qVXpORGszTkRjak1qTXlPRFl5T0RFNE9UQXdNRFk1T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXKuMyCtL_M9DHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWDoCj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi1jgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQM2gcGCAUJrOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=252d3689648694552a110af6fd2727d956dd0727&type=pv&jm=1003&px=0&py=0&bw=160&bh=160&sf=1&sid=2309523541851897613&vd=ct~0|rr~5&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:29 GMT
an-x-request-uuid
2f0440a7-2ac2-4806-a88b-48181a5e6acf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 5B01
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d345f192daaf44ebb566723f1a687d2e&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d345f192daaf44ebb566723f1a687d2e&tids=15000&med=10
Protocol
H3
Server
2600:1408:5400:7::170c:9225 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD928AA5A04F4F8087436EA9ED02C958 Ref B: BLUEDGE1922 Ref C: 2024-02-17T22:52:29Z
x-cdn-traceid
0.25422417.1708210349.20b757cc
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 17 Feb 2024 22:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AF8CCEF992244F4D82EC939C4B286190 Ref B: BL2EDGE2206 Ref C: 2024-02-17T22:52:29Z
x-cdn-traceid
0.25422417.1708210349.20b75757
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d345f192daaf44ebb566723f1a687d2e&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B01 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwhqmpgVC50OSpb-hIs2rgq0yp0giLCkKcE7VcPbUH_YHea1chi6yNysWHV6H8eb3yPv_LhHuqTCHlbm5J_RLHye97WtAALxjrNhktSgcP_KBaiULK120DqocaVCK74jYyQ_bClGk&sig=Cg0ArKJSzG3y6dSgfUsaEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=414314800&rst=1708210348178&rpt=495&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 22:52:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| nav_tag function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element boolean| ai_process_elements_active function| MobileDetect function| ai_process_lists boolean| ai_js_code function| goToTop object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDY5OGE1YzQ1MTI4MzY5YmxvYWRlcl9qcw== string| NDY5OGE1YzQ1MTI4MzY5YmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag object| GoogleGcLKhOms boolean| google_empty_script_included boolean| 8ec47ca5-5edf-429d-abb9-4e440271d356 object| google_image_requests

9 Cookies

Domain/Path Name / Value
.sifanoro.com/ Name: _ga_P458M37XVJ
Value: GS1.1.1708210347.1.0.1708210347.0.0.0
.sifanoro.com/ Name: _ga
Value: GA1.1.484174178.1708210347
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.bing.com/ Name: MUID
Value: 006FEE558457693A123EFA7D859068A2
.sifanoro.com/ Name: __gads
Value: ID=5c52686af34d41dd:T=1708210347:RT=1708210347:S=ALNI_MYJExajdnvpzbPCeeZfM_VT4DPpZA
.sifanoro.com/ Name: __gpi
Value: UID=00000dcad61e9da2:T=1708210347:RT=1708210347:S=ALNI_MbDisOQK49t7XiYQIN6UPzVseupqQ
.sifanoro.com/ Name: __eoi
Value: ID=b672487b4d78194b:T=1708210347:RT=1708210347:S=AA-Afja1XHvrjHm5dDIiOL6S8KAx
.doubleclick.net/ Name: IDE
Value: AHWqTUnethA0Z5BgVZehb9OHK3ylsopDuhkxOMlFBIlG7ihz6ab2ibWV6erXMjOceZo
.sifanoro.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9Vq1cc5VjYMbtvPPAGy7_DbuhXWMm5x-Z6tlAkSiwZbqcsqlxA8soy0WthXy_H_ydEuFtfiQkKJ8D33oCcf0MHN86EVLyV8j80l8ulN45N7CVfM06XWjYa31c88ADoSZxtBfdN9Oh8YVd8zAbUMHqTIuWWfQ%3D%3D%22%5D%5D

9 Console Messages

Source Level URL
Text
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hab.sifanoro.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hab.sifanoro.com
nym1-ib.adnxs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hab.sifanoro.com
109.70.148.62
151.101.65.108
2600:1408:5400:7::170c:9225
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::65
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::63
2607:f8b0:4004:c08::71
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::61
2620:1ec:29:1::38
68.67.179.164
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
018da23a9f13dd5042bd624238bcd1f017b0cbba6339069a2a7a009311fc7d30
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
0a5be79b8c932028f14780db4e40a063803f5fddf5b40d595cacea88b3d48c0b
19adc4a55ecbc2288bef9222e072e5e80f78752791cf4efe86030a97afadb734
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2bc2a6e1f5ee6c31781e0b037984e25e47da9ca32682b8208291366d6bf4755f
2be0bb4ae4ebc787f3dfa9b336144bd74e65d2101413c30b9befc4513081b065
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36f2840a6b0bfd5079dc22329ff6754c006affd611b4f1244a58c44b60289d1d
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457895dffcacf56d61e8ef4b25a9fa4cdca4429f3424cf8a1cbc4bb9ae7a804d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
59b80782ed79e574293cde378d8f0a42ef167cf5cb07cf944b34761e632b0ed5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638a7002e03d7b0dd89a369d8997a8a7d2f7558b03c22950a4feea6842a46d82
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
87b3aaa273d83e411e0068f909570dca37d520b93d3bf0276b329549d4a6bed3
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a37c1ae4753e4d5dc3902ba4737a44d813eb4891ee26ca8c94b0e4a089068f23
ab5fbe63ee0785bb10ce8ca992371098297e54a2c9814b6c7a704ad0fc36d59a
afe98f8b8845ca7a1b92397e5a310c0a88b8c1bd2f55c58a813bdd9792114085
b4104381f660e261e004d9191b69030554d2e256f3524479b12dcb88263f36e0
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
bc3f0979e101efe27fcee670fe0fa77355e102e5f42680028ecd56d32b3089f6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d1fe17a123a6e2690721e9f55f3e96f5a3f77d820e104150f32cd38cea03f177
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2f9fea49ed780b05a93acff0476a7d1a026d74f942afe3a213e20b44031ddf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f388048df43af18022331a39e86b4bb8c0b5222a1e82600082f07a78cab67979
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929