urlscan.io logo urlscan.io
SecurityTrails logo

ltdaunviersity.webcindario.com Open in urlscan Pro
5.57.226.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://ltdaunviersity.webcindario.com/
Submission: On June 12 via manual from CA — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 59 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is ltdaunviersity.webcindario.com.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time ltdaunviersity.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 5.57.226.202 29119 (SERVIHOST...)
7 142.251.221.2 15169 (GOOGLE)
2 142.251.220.202 15169 (GOOGLE)
1 52.216.160.163 16509 (AMAZON-02)
1 142.251.221.10 15169 (GOOGLE)
2 104.21.80.217 13335 (CLOUDFLAR...)
1 142.251.220.232 15169 (GOOGLE)
3 142.251.220.194 15169 (GOOGLE)
1 173.231.16.76 18450 (WEBNX)
1 34.117.59.81 396982 (GOOGLE-CL...)
2 142.251.221.46 15169 (GOOGLE)
2 103.229.10.192 16509 (AMAZON-02)
1 142.251.221.34 15169 (GOOGLE)
16 142.251.220.206 15169 (GOOGLE)
1 18.161.49.49 16509 (AMAZON-02)
1 74.125.130.157 15169 (GOOGLE)
2 142.251.220.228 15169 (GOOGLE)
1 142.251.220.227 15169 (GOOGLE)
3 142.251.220.129 15169 (GOOGLE)
59 20
11    5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)
ltdaunviersity.webcindario.com
7    142.251.221.2 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s02-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.251.220.202 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f10.1e100.net
fonts.googleapis.com
1    52.216.160.163 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
gilroy-web-fonts.s3.amazonaws.com
1    142.251.221.10 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s02-in-f10.1e100.net
ajax.googleapis.com
2    104.21.80.217 (None, )

ASN13335 (CLOUDFLARENET, US)
hosting.miarroba.info
1    142.251.220.232 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f8.1e100.net
www.googletagmanager.com
3    142.251.220.194 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.com
1    173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-76.static.webnx.com
api.ipify.org
1    34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io
2    142.251.221.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f14.1e100.net
www.google-analytics.com
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    142.251.221.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f2.1e100.net
partner.googleadservices.com
16    142.251.220.206 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f14.1e100.net
fundingchoicesmessages.google.com
1    18.161.49.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-49-49.cgk50.r.cloudfront.net
rules.quantcount.com
1    74.125.130.157 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
stats.g.doubleclick.net
2    142.251.220.228 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f4.1e100.net
www.google.com
1    142.251.220.227 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f3.1e100.net
www.google.com.au
3    142.251.220.129 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s01-in-f1.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
19 google.com
adservice.google.com — Cisco Umbrella Rank: 106
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1941
www.google.com — Cisco Umbrella Rank: 3
65 KB
11 webcindario.com
ltdaunviersity.webcindario.com
2 MB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
249 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
10 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
ajax.googleapis.com — Cisco Umbrella Rank: 422
33 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1195
pixel.quantserve.com — Cisco Umbrella Rank: 973
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
2 miarroba.info
hosting.miarroba.info
2 KB
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 21532
408 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1130
640 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1086
610 B
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 6127
509 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2461
122 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
64 KB
1 amazonaws.com
gilroy-web-fonts.s3.amazonaws.com
9 KB
59 15
Domain Requested by
16 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 ltdaunviersity.webcindario.com ltdaunviersity.webcindario.com
7 pagead2.googlesyndication.com ltdaunviersity.webcindario.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com ltdaunviersity.webcindario.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 hosting.miarroba.info ltdaunviersity.webcindario.com
2 fonts.googleapis.com ltdaunviersity.webcindario.com
1 www.google.com.au ltdaunviersity.webcindario.com
1 pixel.quantserve.com ltdaunviersity.webcindario.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secure.quantserve.com www.googletagmanager.com
1 ipinfo.io ajax.googleapis.com
1 api.ipify.org ajax.googleapis.com
1 www.googletagmanager.com ltdaunviersity.webcindario.com
1 ajax.googleapis.com ltdaunviersity.webcindario.com
1 gilroy-web-fonts.s3.amazonaws.com ltdaunviersity.webcindario.com
59 21

This site contains no links.

Subject Issuer Validity Valid
*.webcindario.com
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
miarroba.info
E1		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
ipinfo.io
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://ltdaunviersity.webcindario.com/
Frame ID: 093A377C95BEDB854B6A3BEAFE5B5543
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: E4E50B1B57562B8039C49C6348C67546
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1686593316&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=https%3A%2F%2Fltdaunviersity.webcindario.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686593314962&bpp=53&bdt=1130&idt=1602&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1419687469743&frm=20&pv=2&ga_vid=1986227000.1686593317&ga_sid=1686593317&ga_hid=1911805754&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075205%2C44788442&oid=2&pvsid=2800343204114491&tmod=897652916&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1622
Frame ID: 515925B937F8C787B341E1E862C76094
Requests: 1 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 5E90E827A2DF03D8B05373F273CD8F34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3CA21E33D4BFF70B37E9F602AFA63D2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77B9DBC39ABC667DB90556C20758FECB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Universitaria

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

2697 kB
Transfer

4294 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ltdaunviersity.webcindario.com/ 		43 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
999c615ae5fc92a4aca8f1137de0a848f0861cbd78c47aa071ef60c97574850b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 12 Jun 2023 18:08:33 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
Webcindario Hosting Service
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ff0c96fbcc8ab043d339ec96640d18364c55380f4a22851a5efe8db19b5e5c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
Origin
https://ltdaunviersity.webcindario.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47689
x-xss-protection
0
server
cafe
etag
15480625849109344239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 18:08:34 GMT
all.min.css
ltdaunviersity.webcindario.com/content/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/all.min.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:47 GMT
server
nginx
etag
W/"6481c3df-e4d2"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
ionicons.min.css
ltdaunviersity.webcindario.com/content/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/ionicons.min.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:50 GMT
server
nginx
etag
W/"6481c3e2-c854"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
adminlte.min.css
ltdaunviersity.webcindario.com/content/ 		674 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/adminlte.min.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
84c213974de42584cc8f32e80311e85b304838417ca362ca0dc3dda93c84474f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:47 GMT
server
nginx
etag
W/"6481c3df-a860a"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
adminlte_CU24HS.css
ltdaunviersity.webcindario.com/content/ 		70 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
2e3efe85140196fcd31942319e6d0978dbcfed24b978e65aad9e264d42e47437

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:46 GMT
server
nginx
etag
W/"6481c3de-117ee"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f10.1e100.net
Software
ESF /
Resource Hash
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:07:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 18:08:34 GMT
main.616c9648.css
ltdaunviersity.webcindario.com/content/ 		55 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/main.616c9648.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
b40f14d9ec6b75be7ecc229fec68ea5cb04b0c1cdff75152aac5ac6ebcf25c36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:52 GMT
server
nginx
etag
W/"6481c3e4-dbad"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/css
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f10.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 18:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 18:08:34 GMT
gilroy.css
gilroy-web-fonts.s3.amazonaws.com/web-fonts/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gilroy-web-fonts.s3.amazonaws.com/web-fonts/gilroy.css
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.160.163 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f228405a9c61f206d0f11d4ba466d7d6efee542033d31329c2fcebf4035d3bfa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 18:08:35 GMT
Last-Modified
Tue, 29 Jun 2021 15:40:43 GMT
Server
AmazonS3
x-amz-request-id
WKNMM4Z5K1ZT96MW
ETag
"cdcaaeb317218d2e19d0f6a4d37ca5bd"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8741
x-amz-id-2
IjKd2BCyNWLDPj5/2euHAKl4YqC2s8msILvbX1jJzWAoSgBlDfSrinzLvE9M9I9Mmz2ZNeMtK6Q=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 14:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jun 2024 14:25:49 GMT
logo-cu-nuevo.png
ltdaunviersity.webcindario.com/content/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ltdaunviersity.webcindario.com/content/logo-cu-nuevo.png
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
0f66bf8c4c3f511a06e04fe68cf6f31b93ebef6936d54a7201c4e1d5317aeeab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
last-modified
Thu, 08 Jun 2023 12:04:50 GMT
server
nginx
etag
"6481c3e2-a103"
x-powered-by
Webcindario Hosting Service
content-type
image/png
accept-ranges
bytes
content-length
41219
Telegram.js
ltdaunviersity.webcindario.com/ 		2 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/Telegram.js
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
d4bf56b104e7f91867e6893cea1fcdeec2a82000f1817c719994f4ed5eb9b13a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 12:04:43 GMT
server
nginx
etag
W/"6481c3db-85c"
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
application/javascript
/
hosting.miarroba.info/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/?__muid=4c8af47c031faeb0417a26532bc967da35439bfa&h=2128206&t=1686593313&k=88adf4327bc3c82ce7bdabe479df4c5e
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eaeb3b84a100675cec313ecd5f4ef55d892b6dfdc1faf09eac14ea657f82003

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 18:08:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Jun 2023 18:08:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtWzw3pIbc9KDuB1A5TFjSwWp1aFVkWz%2B2hy9KxuI5Gz6dhtjSoRLg8opRUd3JxrDGgqASH7r%2BqdYGK3Knd5Bt14tCffs3q445wqip5j3TKtVW5Eq3%2Bh2kEZAs88pZopozYz%2BvjxZQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=iso-8859-1
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache
cf-ray
7d640a3ffb7fa937-SYD
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		171 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7ef44e90e7234ee50f65303529343883c8b4e74d9b4ae44431feffefd4b47240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64701
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Jun 2023 18:08:35 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ 		352 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
cafe /
Resource Hash
99f1320e80b83ec27e03efd586d71cd2f00c82ee6e04feb36dde5181f341b467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120856
x-xss-protection
0
server
cafe
etag
10883324312791618223
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 18:08:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame E4E5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
37408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 07:45:07 GMT
etag
15057649708203361565
expires
Mon, 26 Jun 2023 07:45:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
api.ipify.org/ 		23 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
/
Resource Hash
509e3db2f0716ce97ad4948116d4bf019741019f2b9d5fd5d37a8151e7897738

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ltdaunviersity.webcindario.com
date
Mon, 12 Jun 2023 18:08:35 GMT
content-length
23
vary
Origin
content-type
application/json
/
ipinfo.io/ 		260 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
c9807dfa336afebcd35b28ccc6e5c8ef6e266d56bea369ed01ed5974f65fa94c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
via
1.1 google
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
background_login.png
ltdaunviersity.webcindario.com/content/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ltdaunviersity.webcindario.com/content/background_login.png
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
f411f6603f2bc1d94f082186ff2b54dee9f388480a519a9ae052e0ad5f7b901f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
last-modified
Thu, 08 Jun 2023 12:04:49 GMT
server
nginx
etag
"6481c3e1-1cbd26"
x-powered-by
Webcindario Hosting Service
content-type
image/png
accept-ranges
bytes
content-length
1883430
fondo-gota.png
ltdaunviersity.webcindario.com/content/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ltdaunviersity.webcindario.com/content/fondo-gota.png
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
4d99c3b462f6c305c11985422d353a78ef52ecc13792a5909c44855543dfe0c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
last-modified
Thu, 08 Jun 2023 12:04:49 GMT
server
nginx
etag
"6481c3e1-5f25"
x-powered-by
Webcindario Hosting Service
content-type
image/png
accept-ranges
bytes
content-length
24357
truncated
/ 		113 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Montserrat-Medium.ttf
ltdaunviersity.webcindario.com/content/ 		194 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ltdaunviersity.webcindario.com/content/Montserrat-Medium.ttf
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
738132d47b15860425f3041821cb645b58dd56c24d4cf1948d7630fd378371f3

Request headers

Referer
https://ltdaunviersity.webcindario.com/content/adminlte_CU24HS.css
Origin
https://ltdaunviersity.webcindario.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:35 GMT
last-modified
Thu, 08 Jun 2023 12:04:52 GMT
server
nginx
etag
"6481c3e4-307d8"
x-powered-by
Webcindario Hosting Service
content-type
application/x-font-ttf
accept-ranges
bytes
content-length
198616
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 17:13:25 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 12 Jun 2023 19:13:25 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:37 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 19 Jun 2023 18:08:37 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ltdaunviersity.webcindario.com&callback=_gfp_s_&client=ca-pub-7294310421616689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
c7f6f47cd67af9e6ee936150f2628a793d9e35f4bc44364e31a0f6a32d0648e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ltdaunviersity.webcindario.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5159 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1686593316&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=https%3A%2F%2Fltdaunviersity.webcindario.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686593314962&bpp=53&bdt=1130&idt=1602&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1419687469743&frm=20&pv=2&ga_vid=1986227000.1686593317&ga_sid=1686593317&ga_hid=1911805754&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075205%2C44788442&oid=2&pvsid=2800343204114491&tmod=897652916&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1622
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
d06c319084e0d437019a8a58bc7c81ddc289b5ed3c2bdc6806da7665577e43a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4729
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 18:08:36 GMT
expires
Mon, 12 Jun 2023 18:08:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-7294310421616689
fundingchoicesmessages.google.com/i/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
50f8a0c411a649bc1eee9d10d7770ff538f5704ed3ab8b9b05fcbf0d8e6dd097
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dwhOCMSxy8iwIbfVsBRWhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dwhOCMSxy8iwIbfVsBRWhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
607f6b0b381bbc1f64fa027d62891072_cookie.php
hosting.miarroba.info/ Frame 5E90 		46 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ltdaunviersity.webcindario.com
Referer
https://ltdaunviersity.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d640a480dcfa937-SYD
content-encoding
br
content-type
text/html; charset=iso-8859-1
date
Mon, 12 Jun 2023 18:08:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkL%2FeBUQZOk5gB1SJUVhOVtzEMOvPtDri2eniNVFFd%2BVtpHL443eE%2FuZLlmEO%2BOulxUolBiWbwK%2BqJ8vkgwO%2BUh5pHVrU4GnUONk%2FzO9lVcvy7uKne%2Bai886Ihq9gd20Ptg4UhlCAcQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rules-p-d5x2uDVHd7ALE.js
rules.quantcount.com/ 		160 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.49.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-49-49.cgk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:38 GMT
via
1.1 2e96d76308e88774d8064bef7f5afe4c.cloudfront.net (CloudFront)
x-amz-cf-pop
CGK50-P1
age
346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:55:53 GMT
server
AmazonS3
etag
"ceee564f54e512a948f918e2710eab6e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
J7zoWc20oIJwyN8yS0MHAthsm6tR-c9DsC_7r7Ya70RxYc_oyNp2JQ==
collect
www.google-analytics.com/j/ 		4 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1911805754&t=pageview&_s=1&dl=https%3A%2F%2Fltdaunviersity.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Universitaria&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABCAAAAC~&jid=2119991707&gjid=804916558&cid=1986227000.1686593317&tid=UA-597118-7&_gid=2006796118.1686593317&_r=1&_slc=1&gtm=45He3671n71T2VG59&z=326295852
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 18:08:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ltdaunviersity.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-597118-7&cid=1986227000.1686593317&jid=2119991707&gjid=804916558&_gid=2006796118.1686593317&_u=YAhAAAAACAAAAC~&z=1283968570
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 12 Jun 2023 18:08:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ltdaunviersity.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXSiUeG_9ExdFpkSUVCBq_jaHzRpFHWUXH7xzHvKNab9IC9NXVq-IgAECIyBX9z4PZKfmckMCib0kRJig31eyM=
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXSiUeG_9ExdFpkSUVCBq_jaHzRpFHWUXH7xzHvKNab9IC9NXVq-IgAECIyBX9z4PZKfmckMCib0kRJig31eyM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTkzMzE4LDM2MDAwMDAwMF0sIkFEQkVFMDY5LTU3NzUtNDJCRC05QzM3LTY2RTdDRkQzODkzNSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbHRkYXVudmllcnNpdHkud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIkl5eEsyams5TS1ZIl0sWzksImVuLUdCIl0sWzE4LCJbW1sxXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
3067b201f17302ccc370eb65c5019ea239d7394b7b946b9780dd0c0360bc10d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bqrRiYM-mlxG2JtjGUH-pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-bqrRiYM-mlxG2JtjGUH-pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=1248663777;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fltdaunviersity.webcindario.com%2F;uht=2;fpan=1;fpa=P0-1153529898-1686593317303;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1248663777;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fltdaunviersity.webcindario.com%2F;uht=2;fpan=1;fpa=P0-1153529898-1686593317303;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=webcindario.com;dst=0;et=1686593318365;tzo=0;ogl=;ses=fe56128c-ff7f-49d1-9ca2-4895428fd41b;mdl=
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 18:08:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-597118-7&cid=1986227000.1686593317&jid=2119991707&_u=YAhAAAAACAAAAC~&z=1907649829
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 18:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-597118-7&cid=1986227000.1686593317&jid=2119991707&_u=YAhAAAAACAAAAC~&z=1907649829
Requested by
Host: ltdaunviersity.webcindario.com
URL: https://ltdaunviersity.webcindario.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 18:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
cafe /
Resource Hash
791e51f23912b3e5c5e972351a0431b3da843bfd784e9a13a28375f135cee082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11196
x-xss-protection
0
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.6899832738090432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ub6MnVeaj4TiftWV_Um5nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ub6MnVeaj4TiftWV_Um5nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.582552410539703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uWC1GJB_Ym32Dz2IA-RTxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-uWC1GJB_Ym32Dz2IA-RTxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_fy2021.js?bust=31075205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 18:08:40 GMT
AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dw90dz8fD-WcP9Vbd_4LFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dw90dz8fD-WcP9Vbd_4LFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adpicture1..ad.json
fundingchoicesmessages.google.com/f/AGSKWxVc73BVZDRNhueUrHCEiA-u6KB2uX6vI6ehQrdkbqWALwZXe7ZwJNrSDG7_w4ucUakP3mzF8JLh63ZWfqfkij9Ma_4TDmsehPVQpQwEFf0S_0flldejgCoiP2mJUtwajCr8NGYeD45H3RCCxq3ruvm15gdo4... 		54 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVc73BVZDRNhueUrHCEiA-u6KB2uX6vI6ehQrdkbqWALwZXe7ZwJNrSDG7_w4ucUakP3mzF8JLh63ZWfqfkij9Ma_4TDmsehPVQpQwEFf0S_0flldejgCoiP2mJUtwajCr8NGYeD45H3RCCxq3ruvm15gdo4cLeDILHV9jW2MehS4xRMdiopg46WrgU/_&admeld_/adpicture1..ad.json?/ad_rotator._adserved.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
54744f958060ba3efdb2094256d79052ee875df2d0c0b22e48ab897799ea1c74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KgD7YH-PB_-lnw6cZLMFVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-KgD7YH-PB_-lnw6cZLMFVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
cafe /
Resource Hash
d01da1a5177b64fb394755f1296140f8fa872d3c9363be83b5d538403bb739c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47409
x-xss-protection
0
server
cafe
etag
7021254598216474364
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 18:08:40 GMT
AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8S_zZQzKc8OhXtpMCFcMmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8S_zZQzKc8OhXtpMCFcMmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
209047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jun 2023 08:04:33 GMT
expires
Sun, 09 Jun 2024 08:04:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 77B9 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f4.1e100.net
Software
GSE /
Resource Hash
55ead4713284913216ddd8ee5f1bb392959f5a4a62056df6a9c7c7f07e3d04e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WyXX3bi41Z8FPa3qgK3kkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ltdaunviersity.webcindario.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-WyXX3bi41Z8FPa3qgK3kkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 18:08:40 GMT
expires
Mon, 12 Jun 2023 18:08:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame E3CA 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 23:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
154332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 23:16:29 GMT
AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
fundingchoicesmessages.google.com/el/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4cjv3Lhgq6SRViPwD-HgOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4cjv3Lhgq6SRViPwD-HgOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 77B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=2800343204114491&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uyCkGMjvU1Bl0wKLb9LIwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-uyCkGMjvU1Bl0wKLb9LIwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAmrRHbpWd9dI5MjPFfRNHkvu_bb_2ZySMSn-Nb1A48gXZ9HbLunxsP2TxrpUiwf0OqjBgZyv40VrSYEtfZ2MSxpLgKxyZqhOgiUzeVapaPCqTzcwnAj8UR2rWkyBHcIIsJ95XFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fGvoEFRlTOdlHoDGppNJ6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fGvoEFRlTOdlHoDGppNJ6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ltdaunviersity.webcindario.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUq_eXbuU2FnkxmIYse0EQCQ0cb4OrpTwYY_qm1NP4dJ826a0hiwpEHeJ3j2NumZwtJpqkfgGJQHhRr2GZNHR2tro6mNGc_Wib7ivDVjMDPDD6v6qUDT1WgiKtDuyZIEEg3usIfww==
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUq_eXbuU2FnkxmIYse0EQCQ0cb4OrpTwYY_qm1NP4dJ826a0hiwpEHeJ3j2NumZwtJpqkfgGJQHhRr2GZNHR2tro6mNGc_Wib7ivDVjMDPDD6v6qUDT1WgiKtDuyZIEEg3usIfww==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTkzMzIwLDk4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbHRkYXVudmllcnNpdHkud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIkl5eEsyams5TS1ZIl0sWzksImVuLUdCIl0sWzE4LCJbW1sxXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
23feb7d5d3e41dde7500137eb4883aa2a69661dc60ba82f1a2166879824db968
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vKdPWyxHuxK7c9Kth7rzDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-vKdPWyxHuxK7c9Kth7rzDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E3CA 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k6qDcg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
AGSKWxWeFZSzjJpzZU5ueho3UMr_g2h29iPX93GGmEXZCksDEML_dfb7Ggh7aM3buDfMXHK-03COk0NOLpjo3FWtBtA=
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWeFZSzjJpzZU5ueho3UMr_g2h29iPX93GGmEXZCksDEML_dfb7Ggh7aM3buDfMXHK-03COk0NOLpjo3FWtBtA=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uGC-5nWyTrLcAx3TfDOBpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uGC-5nWyTrLcAx3TfDOBpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ltdaunviersity.webcindario.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVg1FfQJmgcooAW_Lv2wXC4rmxngnBWWNDXokx-2T13QN_EGlEaoIWnakva9qhOuybJG-4dVrz6ZQZ044DUr3zWCqM1v0adK4aRmhsLGa0HhgcN7LYNTv_iuJ6A7W4mKO1uF4eX0g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVg1FfQJmgcooAW_Lv2wXC4rmxngnBWWNDXokx-2T13QN_EGlEaoIWnakva9qhOuybJG-4dVrz6ZQZ044DUr3zWCqM1v0adK4aRmhsLGa0HhgcN7LYNTv_iuJ6A7W4mKO1uF4eX0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTkzMzIxLDI1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbHRkYXVudmllcnNpdHkud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIkl5eEsyams5TS1ZIl0sWzksImVuLUdCIl0sWzE4LCJbW1sxXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
1e1bb6c9355b2db38b67bf7517f922d82580891c99ae553824c055401a6da094
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U4KObBuCzGltoEGjfOX6uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-U4KObBuCzGltoEGjfOX6uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVRiZg128tCTyyfZEYdZk57N-ANdiEVG3x46Dv23LvexxbsN_lH3c8NeiwulUBU4d10q4d_fithQKDpGzW3wVHyRu0bwEQ_6pQt3-W5GzAQ4gqVFtKXGoBipzFT2RRvrAkc6-2JJQ==
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVRiZg128tCTyyfZEYdZk57N-ANdiEVG3x46Dv23LvexxbsN_lH3c8NeiwulUBU4d10q4d_fithQKDpGzW3wVHyRu0bwEQ_6pQt3-W5GzAQ4gqVFtKXGoBipzFT2RRvrAkc6-2JJQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2NTkzMzIxLDUyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZXMiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sdGRhdW52aWVyc2l0eS53ZWJjaW5kYXJpby5jb20vIixudWxsLFtbOCwiSXl4SzJqazlNLVkiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzFdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
7353ba8908cff2a29ed548aace686de4a3a66cc9cb1e3b4a5265aefef9461614
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Daao2lIhnnUNgBKE6jzzkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Daao2lIhnnUNgBKE6jzzkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=2800343204114491&bg=!V1SlVADNAAaGYqkwpmI7ADkAdvg8WtTgsDU7Zu_d5RGj1Hd2NvtlVN7lIW6XQg9bfgx1HME-6qrSsYPzlpD5HJxjsjOQHBxS6NACAAAAYlIAAAAHaAEHmQLdDweWVr7F4mue63_t8RyOHW99GzVMbwLryemo5KgIYbQcyPEqeANHnQLUzryx7kelljW_IWpTzvPVOIM07FsGf9_HGo-bAq3vQ0dhIzaO_wAg5_3lA_IRr7v70x3ZfXxBcMYODdypVk_ssRlPXsqEQ6jqM53T5yvm--Wdrh8o8DFL51NecFtBusmPxF8RzuthTpg7ICaEalwm3IUel6USuP1RGneJqsr9KO1iPZwKjOJxFAfCR6mDeuwBHPB931lzWg1WQOvdZ5PwSXlD8lUQ_93O4zb47ZJlbCbAhd67vwJbmjjXm59Aow6IDjVkvHuPg_OS_NybMGydwAtet1Cnj4MpTGQTg_jPMsN0sPpVjtj3IdR9mF0tU87-9k9tfD_eX54I8-T-o6faMRKk7KTh0Q5tWR2IsfawvTtRy_veDLJLChJWxZUH2XK5gL2H6Bw80MW22dftUkbFhVdBGV9Ur6ANPn6VdKNQDBiHH-ixm4v0qdwBX8RGedl-Kv-DU-8QcfkjigUkW26NfI-U8Z2_Hbh5CB5-BittHCiH7fY3zEI0RIJ2rS8-xEA9Cm0L3hpt4FyQzcN-jDoVMTtdHqilyAswWbgLR5BORlWR_6Htfe72pYxqUZE_SiVBeavEeWxC5MjTBHF9whvU6ea-09Ij8ntUQNbuot-B0qci0ENQitKZoa1i7iGGZLkmVcXVggICiQue12KwJuGojJ71SOQhjswvHBk8jRhpNEpLV7oX4GDAcOnNZ3cfuzIBIEnRk3YfspPDmOBRhc2NWOj-s8uXFXY2zQ92LOaGyb2Rhk76FQift9jD-OVnLt-BVkwECwkQpL4IZF17zA5GboszzVMgLtJsiWRc_D04y7VAJNlnrO2j82CBHWRR80IlHK8dH7U4doRI4drAofW3ccTvPGiTNvV7TaBSroN2VNkMhBzHwZS38NPl9B8JI26IZdhqCbFnWDy0evN40iN2EG2azQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ltdaunviersity.webcindario.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
AGSKWxU0W6gnd5n5CHnOzmcd1_mGUFEEDJF5brSIRvSyPQUbYF3K-x7Y_tXVAnzllqcStqQI53my4WL3wEiCVJFnubyFJxz304Pln5PLSIAA8KAHReQPdcRSfwGLZqQ8BnRs4jHDUAufAw==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0W6gnd5n5CHnOzmcd1_mGUFEEDJF5brSIRvSyPQUbYF3K-x7Y_tXVAnzllqcStqQI53my4WL3wEiCVJFnubyFJxz304Pln5PLSIAA8KAHReQPdcRSfwGLZqQ8BnRs4jHDUAufAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_JRBUj1RLFgdPf4zaUc-cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_JRBUj1RLFgdPf4zaUc-cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWeFZSzjJpzZU5ueho3UMr_g2h29iPX93GGmEXZCksDEML_dfb7Ggh7aM3buDfMXHK-03COk0NOLpjo3FWtBtA=
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWeFZSzjJpzZU5ueho3UMr_g2h29iPX93GGmEXZCksDEML_dfb7Ggh7aM3buDfMXHK-03COk0NOLpjo3FWtBtA=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.IyxK2jk9M-Y.es5.O/d=1/rs=AJlcJMxxzMZWkrb2I34MQQdgJr9t8PEvhw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YYe1ScMUS_RCucBcjHtLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ltdaunviersity.webcindario.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 18:08:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-YYe1ScMUS_RCucBcjHtLdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ltdaunviersity.webcindario.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map string| telegram_bot_id string| chat_id undefined| USER undefined| PASS undefined| PIN undefined| TYPE undefined| NUMBER undefined| ip undefined| ip2 undefined| message function| ready function| sender function| ready1 function| sender1 object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| _qevents function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run function| quantserve function| __qc object| ezt object| _qoptions object| gaplugins object| gaData object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2YmEyNzM3MGQ0MmI4OWxvYWRlcl9qcw== string| Njc2YmEyNzM3MGQ0MmI4OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| GoogleGcLKhOms boolean| b0277085-0e65-412c-aa20-c5949d3a6277 object| google_image_requests

10 Cookies

Domain/Path Name / Value
.webcindario.com/ Name: __muid
Value: 4c8af47c031faeb0417a26532bc967da35439bfa
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ltdaunviersity.webcindario.com/ Name: _ga
Value: GA1.3.1986227000.1686593317
.ltdaunviersity.webcindario.com/ Name: _gid
Value: GA1.3.2006796118.1686593317
.ltdaunviersity.webcindario.com/ Name: _gat_UA-597118-7
Value: 1
.webcindario.com/ Name: __gads
Value: ID=9885626e4a3af01d-22e7bbe9a6b40087:T=1686593317:RT=1686593317:S=ALNI_MY1_pA8uq_0FT7hCQBCKW2y6xyQPw
.webcindario.com/ Name: __gpi
Value: UID=00000c4d03039a02:T=1686593317:RT=1686593317:S=ALNI_MZF7Nzqw56a_t-VLy1cRlHYmGEawg
.quantserve.com/ Name: mc
Value: 64875f26-733b0-b9994-d3cdf
.webcindario.com/ Name: __qca
Value: P0-1153529898-1686593317303
.webcindario.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8jbBw5A6aN9-_kD_x-ycVet7YJxJgRCyDG_PykrmqXoBCZ9Dl44acJAzKGgBM1knNX1ZgDpnVtV_WL3BLj-jkfQnxPgLqPjzqD-83E1qVwMleEmkMZbNVu1KgrEDflA0cYOtZhH7vn1sHqxjYOMtqaXGQxIg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
api.ipify.org
fonts.googleapis.com
fundingchoicesmessages.google.com
gilroy-web-fonts.s3.amazonaws.com
googleads.g.doubleclick.net
hosting.miarroba.info
ipinfo.io
ltdaunviersity.webcindario.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
103.229.10.192
104.21.80.217
142.251.220.129
142.251.220.194
142.251.220.202
142.251.220.206
142.251.220.227
142.251.220.228
142.251.220.232
142.251.221.10
142.251.221.2
142.251.221.34
142.251.221.46
173.231.16.76
18.161.49.49
34.117.59.81
5.57.226.202
52.216.160.163
74.125.130.157
0f66bf8c4c3f511a06e04fe68cf6f31b93ebef6936d54a7201c4e1d5317aeeab
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
1e1bb6c9355b2db38b67bf7517f922d82580891c99ae553824c055401a6da094
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
23feb7d5d3e41dde7500137eb4883aa2a69661dc60ba82f1a2166879824db968
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3efe85140196fcd31942319e6d0978dbcfed24b978e65aad9e264d42e47437
3067b201f17302ccc370eb65c5019ea239d7394b7b946b9780dd0c0360bc10d0
4d99c3b462f6c305c11985422d353a78ef52ecc13792a5909c44855543dfe0c8
509e3db2f0716ce97ad4948116d4bf019741019f2b9d5fd5d37a8151e7897738
50f8a0c411a649bc1eee9d10d7770ff538f5704ed3ab8b9b05fcbf0d8e6dd097
54744f958060ba3efdb2094256d79052ee875df2d0c0b22e48ab897799ea1c74
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ead4713284913216ddd8ee5f1bb392959f5a4a62056df6a9c7c7f07e3d04e6
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7353ba8908cff2a29ed548aace686de4a3a66cc9cb1e3b4a5265aefef9461614
738132d47b15860425f3041821cb645b58dd56c24d4cf1948d7630fd378371f3
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
791e51f23912b3e5c5e972351a0431b3da843bfd784e9a13a28375f135cee082
7ef44e90e7234ee50f65303529343883c8b4e74d9b4ae44431feffefd4b47240
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
84c213974de42584cc8f32e80311e85b304838417ca362ca0dc3dda93c84474f
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
999c615ae5fc92a4aca8f1137de0a848f0861cbd78c47aa071ef60c97574850b
99f1320e80b83ec27e03efd586d71cd2f00c82ee6e04feb36dde5181f341b467
9eaeb3b84a100675cec313ecd5f4ef55d892b6dfdc1faf09eac14ea657f82003
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b40f14d9ec6b75be7ecc229fec68ea5cb04b0c1cdff75152aac5ac6ebcf25c36
c7f6f47cd67af9e6ee936150f2628a793d9e35f4bc44364e31a0f6a32d0648e2
c9807dfa336afebcd35b28ccc6e5c8ef6e266d56bea369ed01ed5974f65fa94c
d01da1a5177b64fb394755f1296140f8fa872d3c9363be83b5d538403bb739c0
d06c319084e0d437019a8a58bc7c81ddc289b5ed3c2bdc6806da7665577e43a1
d4bf56b104e7f91867e6893cea1fcdeec2a82000f1817c719994f4ed5eb9b13a
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f228405a9c61f206d0f11d4ba466d7d6efee542033d31329c2fcebf4035d3bfa
f411f6603f2bc1d94f082186ff2b54dee9f388480a519a9ae052e0ad5f7b901f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff0c96fbcc8ab043d339ec96640d18364c55380f4a22851a5efe8db19b5e5c11