farming.baokhangelectric.com Open in urlscan Pro
2606:4700:3034::6815:5c1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://farming.baokhangelectric.com/
Submission: On March 20 via api (March 20th 2024, 2:10:36 pm UTC) from US — Scanned from US

Summary HTTP 76 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 7 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3034::6815:5c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is farming.baokhangelectric.com.
TLS certificate: Issued by GTS CA 1P5 on March 8th 2024. Valid for: 3 months.

This is the only time farming.baokhangelectric.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3034::6815:5c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c1b::65	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
2	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::67	15169 (GOOGLE) (GOOGLE)
76	11

21 2606:4700:3034::6815:5c1 (United States)

ASN13335 (CLOUDFLARENET, US)

farming.baokhangelectric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::9b (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c1b::65 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	548 KB
21	baokhangelectric.com farming.baokhangelectric.com	567 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	74 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	106 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	70 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
76	7

	Domain	Requested by
21	farming.baokhangelectric.com	farming.baokhangelectric.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	farming.baokhangelectric.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	farming.baokhangelectric.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
76	10

This site contains links to these domains. Also see Links.

Domain
www.candidthemes.com

Subject Issuer	Validity	Valid
baokhangelectric.com GTS CA 1P5	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://farming.baokhangelectric.com/
Frame ID: F1118D7B3D0DCC08DA9450D8DABEEF5A
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2559760529967055&output=html&adk=1812271804&adf=3025194257&lmt=1710943831&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Ffarming.baokhangelectric.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710943830998&bpp=686&bdt=263&idt=687&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6851638898977&frm=20&pv=2&ga_vid=1145207367.1710943832&ga_sid=1710943832&ga_hid=618343446&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95326315%2C31081947%2C95322180&oid=2&pvsid=4395285443401647&tmod=1544824325&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=759
Frame ID: FE62042D9D49FAB3D6D58FC865EA826B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 0C349B69E06FE1041D321A1E0F9BF836
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 8184F2D384BE07BF5CBE0E7B1007735D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 8E1F9ED01F373D1064F7E684CB1FD9A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 358B5F48BB2D62F9040F4F67C3EB0D21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C2A120F0DF77B917AD2AB558734F188
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E63D87E302D17AB0398B528E4E5C51C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

farming.baokhangelectric.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

76
Requests

97 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

1367 kB
Transfer

3071 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.candidthemes.com/
Title: Candid Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://googleads.g.doubleclick.net/pagead/adview?ai=C3E_KV-76ZZ-bNNSPvPIPqb-7oAu72v6AdsniyYXCEtfa4eOMEBABINGjl5YBYMnGqYvApNgPoAGHzZzHA8gBCagDAcgDywSqBOUBT9C6MdE9tIdlyEWPkLCYw5aRdZlgHUCVNQ6n-sbnAdYjkWn_xnJf1Svn86m9o4NYwKKIGnEy8s_9fLfMOry_XX-uZnlsH32SwdsEY-g_yGrgZudopClf-ofaJJ-6rCxQcI2XSEW-Dvej5WV1jGKLdpLBHf690T4hslva2B3tpVo55g5y7nNT7b4wD_RohXoNAtxGUbUI5iuIHei1OYxzraxYD9JHNkKcWkpiMsoB1l--xvMD4WgPm9YejPN3ci8_dGJoZ7xPC2wTLyke3wDgK41gxOfcPVF7ZVLGEoAW3JcmkaZXCsAEvKfQ7MwEiAXL7aKJTpIFBAgEGAGSBQQIBRgEoAYugAfs_aKgA6gH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEENaSHNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljrhtC6goOFA5oJtQFodHRwczovL2V4cGVydC53ZWJzaXRlL2FydGljbGVzL2FydGljbGUvc21hbGwrYnVzaW5lc3MrZWNvbW1lcmNlLz9hZ3ljaWQ9MTgzNyZwPTc5ZkdHJmFneWtpZD1ya3dkLTE4Mzcmc2VnbWVudD1leHB3MyZjYW1waWQ9MzczODQ5MzQ5OCZhY3R5cGU9Ry05MDY3NjA5LURDJm5vbmVlZD0xNDIwMDg0NTU1MjI3ODYzMTI3gAoByAsB2gwRCgsQgLrd0tjEq86AARICAQO4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTI1NTk3NjA1Mjk5NjcwNTUYALIYBRguIgEA&sigh=GjprnYgjPy8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqZkRifP15tWYi9RSwvZLHKhsfsD4wM0B424Cbq2U55GtyU60p_qWyRFb42yT3bvkZjvmGLTIqifiUZPGCUenjXkWEC2iH8Uxn-xgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3a2401d446c1a3e0000000000000000%22,%222%22:%220xe505c23f9fdb03410000000000000000%22,%223%22:%220x1f87c0da573302990000000000000000%22,%224%22:%220x62f4f1bd2be1292a0000000000000000%22,%225%22:%220x9cff30be291228e20000000000000000%22},%22debug_key%22:%2211353263226182528924%22,%22debug_reporting%22:true,%22destination%22:%22https://expert.website%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954672775%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221242598003931791329%22}&andc=true

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
farming.baokhangelectric.com/ 55 KB
9 KB 281ms
225ms Document
text/html 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1006cd2dad071e646c5405b21bf4ed8f8de6899ffd2bd85dc8571c185ccad4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8676493cb92e41cf-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 14:10:30 GMT
link: <https://farming.baokhangelectric.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vO6jBH%2FaDh23Vb345soOVQYU9nYsQlZcTUNCDhi5eQuq1TcdERiW8wyeexRayL2yU4tr%2Fqol%2BRhyhweC4iNLODBvovQdijyN9z0rb%2FTIjKolIyfjwXr1a0NsNOJ3WTaOblMww0V4zSrDnh4KGUJGbv6ZatsbKMMZa3m0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 173ms
114ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2559760529967055

Requested by

Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3fbad89db9d9204ebcd2c461178b276ea64c31fac68b0cb2ee1f5d79abc505f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
Origin: https://farming.baokhangelectric.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51268
x-xss-protection: 0
server: cafe
etag: 11645353904279601063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 20 Mar 2024 14:10:30 GMT

GET
H2 200 style.min.css
farming.baokhangelectric.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 35ms
28ms Stylesheet
text/css 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 03:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 475047
etag: W/"1ae43-65f273bf-70e80f;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQlteTOfLWjRnn%2FfdOvmKqSEV3qJFOZEYnSPL2yiO9joN7DErBsYEc53lY5upGn4q3XA%2BqDLoVLuqruQUL42lq4TMAgOPlCOZc09mEWl9wkJyHj5ucKlQPrJymYSIkUj9KllTbWHxWFUp9HEb1BhDOUDqADSUOSaxs9W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8676493e4b2841cf-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 107ms
50ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Requested by

Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 12:41:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 14:10:30 GMT

GET
H2 200 all.min.css
farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/ 58 KB
13 KB 41ms
35ms Stylesheet
text/css 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 475047
etag: W/"e7ad-65f27c90-70f312;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwcRS5PzyZkI8hbrUOEMMO60lDAIgh1SKvk%2Bb9VbN7%2FLz3hSIX%2FFjWEvF02cLzBr%2FYBubXtAcM3DO6pB2gOKuCwh9K0gxw7oH%2F3BsCWQ3sIEzytgZJdNFC%2BcsmUPZg2SWX13YF34GVz8n6IE2fRf6rQDfZLbcw5iFFB1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8676493e4b2a41cf-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H2 200 style.css
farming.baokhangelectric.com/wp-content/themes/blockwp/ 56 KB
12 KB 38ms
33ms Stylesheet
text/css 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/style.css?ver=1.0.0
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d802ef8a8d4d5907c3d164a07c8377ff76a17640f374096e7c2f2a2a68f7570f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20019
etag: W/"e002-65f27c90-70f352;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGDdQxPdXtoX1fz75crafcWQ4IDXR5yTJ7SUntkAMJB3OD%2BtWiMcH9iVXs1ySFKTwiniJUz%2BFuXkvlOjV3ypOVriYmjoyFCW%2B%2F3CQSG9TD6ritSGNKiL0OALIalXM%2BHQr3HSGyI6WA9LPKBWDfnSMQn3g%2FHPnUCbBQ6Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8676493e4b2b41cf-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Mar 2024 08:36:50 GMT

GET
H2 200 jquery.min.js Show response
farming.baokhangelectric.com/wp-includes/js/jquery/ 86 KB
31 KB 899ms
894ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 14 Mar 2024 03:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65f273bf-70ea28;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oK7SmpS%2BwtAV2b3SA3zcsRiaIXRZau5bsZz2Ps36%2FiWZJatPQvY%2BLv5319Aa4k4aK3fZZhdZ0rRh0MWG73tZsGhopEAHKpH9w9uWrE9WN8UiveN81QoHtyM6TUGvs%2Flr1ndC7B6s6cYCG6sYv69xGqBX%2BtnjUThJ8%2FKN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8676493e4b2d41cf-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
farming.baokhangelectric.com/wp-includes/js/jquery/ 13 KB
5 KB 54ms
49ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 03:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1404
etag: W/"3509-65f273bf-70ea22;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVwjXGeM8AuH%2BYkqIMn3oP6YTUcXOd0fHDFCBqwYbomZPt8alSEJfUpOhKpsVOZN0nS%2BvvLiOV0%2Fh778HaokF9srakwMOZihHfUvqWujodT7AABa7GEa3OvH2ObcrrHuoHq9%2BDpD%2Fosp7sOQbKYLQhmQYF2YsOu5g%2Bfl"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8676493e4b2f41cf-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 quote-from-state-farm-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 32 KB
33 KB 47ms
42ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/quote-from-state-farm-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6e51484d31a8655acc7f3aed4ae417a39c0b6f764d7f29d5f1b42dc496acdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475046
alt-svc: h3=":443"; ma=86400
content-length: 33183
last-modified: Thu, 14 Mar 2024 05:22:54 GMT
server: cloudflare
etag: "819f-65f289ae-70f7a0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qKGRRyTXPtOEvCFHZ%2FRx45xrPNLpSTiLY%2BmPinI3wZBlh13Z80VXKppBWKyqHAoL9TKxAbJldqXpWCZeBDoKgV73vOjcnzRR1ClS9QrShaFsQFEnRrU9U32YXIHswg5QkswcQuYLjAqJpzyDJjg3B3eoDpFrFO54n%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8676493e4b3041cf-EWR
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H2 200 state-farms-car-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 51 KB
51 KB 51ms
47ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farms-car-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374b9bbed6944f6a7da682c66f91e4c0c2a224592e78a321e5bd92ca255e1d10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475047
alt-svc: h3=":443"; ma=86400
content-length: 51838
last-modified: Thu, 14 Mar 2024 05:22:10 GMT
server: cloudflare
etag: "ca7e-65f28982-70f798;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C21hVlpVqhMfeQWkNPS0Rlwcs7YBjwLq%2BmKHK2CWYC%2FPT1%2FluyhOA%2F6EM07Pg8SdeubViQorkC1eiF1NM9D9HJu%2FWGakbX0K4YHvtgW0IZUOZUYSMclT%2FqPkahzJiKb3u6YnxOp4KNyxUK77oecO5fC1jnefaHhpkUWE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8676493e4b3141cf-EWR
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H2 200 navigation.js Show response
farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/ 3 KB
1 KB 34ms
30ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/navigation.js?ver=1.0.0
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f54457974d1ef9d362a5ff3d50f53e71bcf476904b52f3b23f8ee23a186abd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1403
etag: W/"bf6-65f27c90-70f30c;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjBpfWF6jknSvLPP4SVcbTz3RdWEBThNd%2FVgl5XWGJvpwMdG8sXv%2BbZGTX05%2FVkkktbuno1aV67iIYx%2BwjBXaBdG97yBRLZi%2FHxb4bdnM9l9N%2FEeLsSQtzcRWmD8n0abpD0zQ%2BOjmNvwtqf3zS%2BrrXy%2BowuRLLO%2BJ9Y2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8676493e4b3241cf-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 theia-sticky-sidebar.js Show response
farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/ 15 KB
4 KB 30ms
23ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/theia-sticky-sidebar.js?ver=1.0.0
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dbec753cfd0c5548e5ceb84d3ca357b19765374d0b7856d2b4d2943959da93b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1402
etag: W/"3a6d-65f27c90-70f30d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H457vGv0ZKOWrmGw5EbC6JVlHpKW%2Bwgj1t3XhOhePEiq3TTlfgk2vAEwxE4yO%2BRqG9FDqvrpSURKYarE0Gqh7xuDbWCmCV2x2OlEMicptR4EFQNI%2FLz7CAXh7g96VwpOy7Yy2IO7wEvjUkAhyb%2FEHuLkLGDH6X1uWDEi"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8676493e8b9341f8-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.js Show response
farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/ 7 KB
2 KB 28ms
28ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/js/custom.js?ver=1.0.0
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f42344d0648524d970cea25aa79bb571ee8025e2f7f22002fc276c8ae2f48a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3159
etag: W/"1d13-65f27c90-70f30a;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uby9N4XbepC5oXY9I2rGAnNZvfZxXx9DALlCnWrAFuKzPL6F7o68ogXjyGhIpJm9%2BTQlODiKgqIsOJvwcHqSAOUenLTSw5t%2ByAOf3A0MWCDBoJsV0gh4aHiy0b9jjsheQCmUYiO2JCLVEyduBE43%2Fld7vhaoWFK9zL%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8676493e8ba241f8-EWR
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK fe8b10f4-2511-4bb0-9c3c-87b46af87d20
https://farming.baokhangelectric.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://farming.baokhangelectric.com/fe8b10f4-2511-4bb0-9c3c-87b46af87d20
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 141ms
105ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2559760529967055

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2de8a5529c85917f9921a32514a855433428d0ae65e539ac4da1be56430ccc54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141437
x-xss-protection: 0
server: cafe
etag: 16528488808398955908
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:10:31 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 65ms
24ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farming.baokhangelectric.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:52:41 GMT
x-content-type-options: nosniff
age: 19070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:52:41 GMT

GET
H3 200 fa-solid-900.woff2
farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/webfonts/ 76 KB
77 KB 21ms
21ms Font
font/woff2 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/webfonts/fa-solid-900.woff2
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://farming.baokhangelectric.com/wp-content/themes/blockwp/candidthemes/assets/vendor/font-awesome/all.min.css?ver=1.0.0
Origin: https://farming.baokhangelectric.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475046
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Thu, 14 Mar 2024 04:26:56 GMT
server: cloudflare
etag: "131bc-65f27c90-70f321;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aobXWMqHKPESA%2F2gSrBe%2B1ShEi%2BAV8LvBzIRu5H2vOyD4AgVocwPaxG%2BjmzfIXZsPQstvqcNFLVha6%2Fly%2BE72ITT%2FgFuXVbo9jeb1zPwkh6Ld1f0hbGK%2BslomV8HpaUk6p7he%2Bp7WEarNF8GyhwLDHIO1VCsYN5dowSS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8676494409c641f8-EWR
expires: Fri, 22 Mar 2024 02:13:05 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 79ms
39ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farming.baokhangelectric.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:03:00 GMT
x-content-type-options: nosniff
age: 18451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:03:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 58ms
19ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro%3Awght%40400%3B600%3B700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farming.baokhangelectric.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:09:49 GMT
x-content-type-options: nosniff
age: 21642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:09:49 GMT

GET
H3 200 quote-from-state-farm-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 32 KB
33 KB 22ms
22ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/quote-from-state-farm-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6e51484d31a8655acc7f3aed4ae417a39c0b6f764d7f29d5f1b42dc496acdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475047
alt-svc: h3=":443"; ma=86400
content-length: 33183
last-modified: Thu, 14 Mar 2024 05:22:54 GMT
server: cloudflare
etag: "819f-65f289ae-70f7a0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoL13xRCmSIFIQiAWWuvmNAI5q35Fbwb4gUgpDvzyRI7oYQMZf2rRY9T0ntyjp4Li%2BnCzoAMDLQbjb1DWWLwyZopihYVZdWDF0b82K613bAcRPz6sJN2wC%2BSGYV3O77SPmJJtnHBuOACF1qDDeW5bdz%2BZm7T8HiGC8sW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649445a1741f8-EWR
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE62 287 KB
62 KB 900ms
861ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2559760529967055&output=html&adk=1812271804&adf=3025194257&lmt=1710943831&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Ffarming.baokhangelectric.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710943830998&bpp=686&bdt=263&idt=687&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6851638898977&frm=20&pv=2&ga_vid=1145207367.1710943832&ga_sid=1710943832&ga_hid=618343446&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95326315%2C31081947%2C95322180&oid=2&pvsid=4395285443401647&tmod=1544824325&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=759

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

183efb1af3db1d0c7e3a03b749a674457753959a11875f4b49c0225a70833ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62851
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 14:10:32 GMT
expires: Wed, 20 Mar 2024 14:10:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 state-farms-car-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 51 KB
51 KB 22ms
20ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farms-car-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374b9bbed6944f6a7da682c66f91e4c0c2a224592e78a321e5bd92ca255e1d10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475048
alt-svc: h3=":443"; ma=86400
content-length: 51838
last-modified: Thu, 14 Mar 2024 05:22:10 GMT
server: cloudflare
etag: "ca7e-65f28982-70f798;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Xm4jELeCMh5CSj%2FytkZpW5txEqvTjH743N1ZOr7WAyCO8hyhme7%2BwxPGTYXFPEkhKlUGNR%2FKBqAtYXaqAiHufnAnVxCTNZzzEcUlWIky4qXc6nrSNSuib5nze7Z2wFgEFEWteweI3szeiTNcG5%2F6rFa0mZzgs4PiFBG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a8d41f8-EWR
expires: Fri, 22 Mar 2024 02:13:03 GMT

GET
H3 200 state-farm-claims-login.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 26 KB
27 KB 34ms
32ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farm-claims-login.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114786cb1a42e4415ef84105b81744dcb4ad5ce4b147506cec15794d050ea7c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475030
alt-svc: h3=":443"; ma=86400
content-length: 26847
last-modified: Thu, 14 Mar 2024 05:20:56 GMT
server: cloudflare
etag: "68df-65f28938-70f793;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bX%2BB7YzyTid3CoLmZHNNLjxUNOrSv5xLVYQVzILdLkFbjDK5bOyHe5pn%2BqGPABNyq53DmUpPQ0uaa3tEA8Az%2FQJOm2k8%2F%2FIQQu%2BNQmEzbEUgLTtdrIyCpeLmw%2FhH9ea6xRi6XBXjCoDl0bG7mn%2FiEtR2ZroRRhlxvOJn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9241f8-EWR
expires: Fri, 22 Mar 2024 02:13:21 GMT

GET
H3 200 state-farm-renters-insurance-cost.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 27 KB
27 KB 38ms
36ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farm-renters-insurance-cost.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac9bf7f115c52c4c119ee06acd99e9428ac40517a9fa547c6bd3c104ec61490

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475030
alt-svc: h3=":443"; ma=86400
content-length: 27350
last-modified: Thu, 14 Mar 2024 05:18:56 GMT
server: cloudflare
etag: "6ad6-65f288c0-70f788;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnWxi6dQeAYLAjuhYpoJdtrRpc8IaaDPCCuqGhliKuhkdxVtFTvQCucCkGFFBg%2B5FjzlTwP5XIN2OaSZFHoJMNOh6NYqGjksRnhJJjwWo%2F65S%2FRLf2QAp1MVA3%2BFxsp0od23OHCIAey%2FZhhoZRVJJSJBtLu8FQaKngG%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9441f8-EWR
expires: Fri, 22 Mar 2024 02:13:21 GMT

GET
H3 200 state-farm-home-owners-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 52 KB
53 KB 42ms
40ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farm-home-owners-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77946302a1088834c4bcd912a0f02038c74d183c0012fce001b36bd0a9443be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475030
alt-svc: h3=":443"; ma=86400
content-length: 53435
last-modified: Thu, 14 Mar 2024 05:18:05 GMT
server: cloudflare
etag: "d0bb-65f2888d-70f783;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UE3bnQILEZkj%2FE%2BWsHXVw59nHxokTTRjL6PqE0nxqRN51RrlKwe40lRk13mtvNU648k37KyfoNZaTaDVW603BfDgPOS4nJrFPiC0F40lXhyY9L3GMvtE9cZ3cGsKISLYFhU1gtsFWhNtY4Eje%2B%2FCr%2B2s3XklQxTvmURA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9741f8-EWR
expires: Fri, 22 Mar 2024 02:13:21 GMT

GET
H3 200 quote-for-state-farm-auto-insurance.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 47 KB
48 KB 58ms
57ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/quote-for-state-farm-auto-insurance.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6964977dcebf7492ce44263df654fb5c3324fc04106e9878bab5104f0bb5abb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475030
alt-svc: h3=":443"; ma=86400
content-length: 48456
last-modified: Thu, 14 Mar 2024 05:16:50 GMT
server: cloudflare
etag: "bd48-65f28842-70f77b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFffBaO86vfEjNNn6GtlWIvfzR0wEtNuGlxVLWG%2B2%2FkbGaCdFXv0KXg5yy9nxNsozuCeXL%2FqdfTDvvlTkLlhr1EJyFI7nyEPYgPISlKqxFImVZ4AG0n2vz4B9tH2ayldHqaKT2LBcM8TeCEZnGmYqEoimY7cQzMxp9f%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9841f8-EWR
expires: Fri, 22 Mar 2024 02:13:21 GMT

GET
H3 200 state-farm-homeowners-insurance-coverage.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 32 KB
32 KB 59ms
58ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farm-homeowners-insurance-coverage.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f3a1a756a30340ec5cd9a17f1612e070f12fe49da0e4bb9809cf04f1bac6f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474971
alt-svc: h3=":443"; ma=86400
content-length: 32594
last-modified: Thu, 14 Mar 2024 05:15:16 GMT
server: cloudflare
etag: "7f52-65f287e4-70f776;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcXt9aMQCwsbFPsDCx6gM%2BVWuTXkAiCsSe3CFa%2FiMC%2BBgWD0VI0YyEG5uIBFXzul%2Bkp02O8pBNtRqHGKFso1CkyqAt2K1E%2BAuHod%2FpFFgEcs3hT23QDk%2BnKtWoMexyeDPIOfRyT%2FwM3gqc%2FOlx2zlSn8qqZM%2BCFYVTrV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9941f8-EWR
expires: Fri, 22 Mar 2024 02:14:19 GMT

GET
H3 200 state-farm-car-insurance-cost.jpg
farming.baokhangelectric.com/wp-content/uploads/2024/03/ 37 KB
38 KB 72ms
71ms Image
image/jpeg 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://farming.baokhangelectric.com/wp-content/uploads/2024/03/state-farm-car-insurance-cost.jpg
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8ad24520298d5020aef6134405067f51125bec9004a050c2b217974856dcfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474972
alt-svc: h3=":443"; ma=86400
content-length: 37997
last-modified: Thu, 14 Mar 2024 05:14:09 GMT
server: cloudflare
etag: "946d-65f287a1-70f76e;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2Fveh7f2is1SLrpRVUtpnHfjSukwy3tfO746Z5MlQ593Pa3mpbPR2Vwj095LZO9zZz6%2BbIqKomWLFp7vAOp7LmFOdHT3XCMbvBGrUQ5MQoKhfYyuBhh%2FgCZxnLecfQD9GFfcUCvQrHElNjbVtH%2BHQbMgshBJV%2BAgzjYB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 867649449a9a41f8-EWR
expires: Fri, 22 Mar 2024 02:14:19 GMT

GET
H3 200 wp-emoji-release.min.js Show response
farming.baokhangelectric.com/wp-includes/js/ 18 KB
5 KB 23ms
23ms Script
text/javascript 2606:4700:3034::6815:5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://farming.baokhangelectric.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 03:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1402
etag: W/"4904-65f273bf-70eb5c;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqYzTQKpHYf1WLSamXzFhh%2FKd8hK8Ngb%2BUztjkQibWAh9BF74SWFUVuu6y4dKxCbhcEk4vWQu3bydCTWa2W05i7rWEKry%2BKMT4lpm%2FwBjwd%2F1s3DjPHvY0MKkhPWDDtsHLA60MbFU2d4t8GRwPf9M3Pd%2BYK8wgNpBDgU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 86764944eadf41f8-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 94ms
91ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js?bust=31081947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a666300f424ad90f098284764b5c31b85615260b8313f562515e69434b3131d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57714
x-xss-protection: 0
server: cafe
etag: 7477768215841856495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:10:32 GMT

GET
H2 200 ca-pub-2559760529967055 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 98ms
46ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2559760529967055?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dbec56b387de9c8033cbf314c8f16e80415a09dcb08ce67aecb30b1e15736f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GXqOF-PmGFIZfuNx-ljsUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-GXqOF-PmGFIZfuNx-ljsUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmII1JBiWMS_i-nErdtMF4D4vNMdputAXMvwjKkViA00njNZAPG7Ly-ZeL6-ZJIAYg0g5ls3nVUFiHXXT2cNBeKY59NZU4DYKX0GaxAQ-9TPYI0B4tab51inAvHJBedZLwKxEA_HjTuv17MJbJi56TAzAOifOC0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 0C34 9 KB
4 KB 18ms
17ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:34:44 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 8184 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:34:44 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxX6GXt-KSJgbLOHz81L77PUJNv9PO0ccQV6o1_3DbEkpwiIeehc7Wend8F4mJXRpqtB1udEg6SckBZ7IJ36RSelCicRRiLYJFpBpa3vb5YYBScsLYnvqoSP-5EXh6N0DwcamH00Tg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 44ms
42ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6GXt-KSJgbLOHz81L77PUJNv9PO0ccQV6o1_3DbEkpwiIeehc7Wend8F4mJXRpqtB1udEg6SckBZ7IJ36RSelCicRRiLYJFpBpa3vb5YYBScsLYnvqoSP-5EXh6N0DwcamH00Tg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTQzODMzLDExMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mYXJtaW5nLmJhb2toYW5nZWxlY3RyaWMuY29tLyIsbnVsbCxbWzgsIlV6TWRTWmRPdE1JIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UzMdSZdOtMI.es5.O/am=wA/d=1/rs=AJlcJMwXdCjtTaWt7p2Fh7EbzaR6HmuN-A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05805153e0bdc12227082ea8c38e7b9e706252f9449accbed337d83e5a4b3418

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Op_Zng9Q6mxSs88sBkSDJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-Op_Zng9Q6mxSs88sBkSDJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEzXHzzuv1bAIP_i1wBQD_Oja-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C34 4 KB
775 B 39ms
38ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 14:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 13:28:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 14:10:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 0C34 2 KB
903 B 103ms
49ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame 0C34 23 KB
9 KB 108ms
57ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 02:33:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 0C34 3 KB
1 KB 111ms
61ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 0C34 20 KB
8 KB 74ms
24ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0C34 206 KB
62 KB 18ms
18ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:37:41 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame 0C34 36 KB
15 KB 73ms
25ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 23:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 23:26:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8184 2 KB
856 B 93ms
59ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame 8184 23 KB
9 KB 76ms
50ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 02:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 02:33:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8184 3 KB
1 KB 80ms
58ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 8184 20 KB
9 KB 44ms
23ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:26:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8184 206 KB
62 KB 29ms
25ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:37:41 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame 8184 36 KB
15 KB 45ms
29ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 23:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 23:26:05 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/1139117952695294407/ Frame 0C34 33 KB
34 KB 43ms
28ms Image
image/jpeg 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1139117952695294407/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c499a7656606b5b0aa30370937e568b1520416590881a3aefe795995f38c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 02:47:30 GMT
date: Wed, 20 Mar 2024 02:47:30 GMT
x-content-type-options: nosniff
age: 40983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34146
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 14:56:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12702268101634399540/ Frame 0C34 3 KB
3 KB 62ms
48ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12702268101634399540/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27e17dc5e257ddfe1ca816f1f4fc2b85752a83067f00b191d3b8b8846108c94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 13:02:27 GMT
date: Tue, 19 Mar 2024 13:02:27 GMT
x-content-type-options: nosniff
age: 90486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2613
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 15:53:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0C34 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f14351074e6385f553b61e40db518687b693be031d06fb5883cd2d89f2b0ffeb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C34 15 KB
16 KB 22ms
20ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 06:52:14 GMT
x-content-type-options: nosniff
age: 26299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 06:52:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C34 15 KB
15 KB 41ms
41ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 06:53:24 GMT
x-content-type-options: nosniff
age: 26229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 06:53:24 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E1F 52 KB
20 KB 31ms
27ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 412983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:30 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0C34
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3E_KV-76ZZ-bNNSPvPIPqb-7oAu72v6AdsniyYXCEtfa4eOMEBABINGjl5YBYMnGqYvApNgPoAGHzZzHA8gBCagDAcgDywSqBOUBT9C6MdE9tIdlyEWPkLCYw5aRdZlgHUCVNQ6n-sbnAdY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3a2401d446c1a3e0000000000000000%22,%222%22:%220xe505c23f9fdb03410000000000000000%22,%223%22:%220x1f87c0...

0
0

119ms
76ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3a2401d446c1a3e0000000000000000%22,%222%22:%220xe505c23f9fdb03410000000000000000%22,%223%22:%220x1f87c0da573302990000000000000000%22,%224%22:%220x62f4f1bd2be1292a0000000000000000%22,%225%22:%220x9cff30be291228e20000000000000000%22},%22debug_key%22:%2211353263226182528924%22,%22debug_reporting%22:true,%22destination%22:%22https://expert.website%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954672775%22],%2222%22:[%22true%22],%224%22:[%2203-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221242598003931791329%22}&andc=true

Protocol

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb3a2401d446c1a3e0000000000000000","2":"0xe505c23f9fdb03410000000000000000","3":"0x1f87c0da573302990000000000000000","4":"0x62f4f1bd2be1292a0000000000000000","5":"0x9cff30be291228e20000000000000000"},"debug_key":"11353263226182528924","debug_reporting":true,"destination":"https://expert.website","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954672775"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"1242598003931791329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Mar 2024 14:10:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 14:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb3a2401d446c1a3e0000000000000000","2":"0xe505c23f9fdb03410000000000000000","3":"0x1f87c0da573302990000000000000000","4":"0x62f4f1bd2be1292a0000000000000000","5":"0x9cff30be291228e20000000000000000"},"debug_key":"11353263226182528924","debug_reporting":true,"destination":"https://expert.website","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954672775"],"22":["true"],"4":["03-20"],"6":["true"]},"priority":"500","source_event_id":"1242598003931791329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 93ms
92ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240314&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc99182347eaeebf76e16093f0c7726ba43adbe128e740afe5a93c1779a945d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12510
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 358B 52 KB
20 KB 18ms
17ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: farming.baokhangelectric.com
URL: https://farming.baokhangelectric.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 412983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 19:27:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 28ms
26ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js?bust=31081947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 14:10:33 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 355ms
84ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 14:10:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C2A 13 KB
5 KB 22ms
20ms Document
text/html 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 143244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 22:23:10 GMT
expires: Tue, 18 Mar 2025 22:23:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E63D 829 B
1 KB 103ms
40ms Document
text/html 2607:f8b0:4004:c06::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2296e18b183931a3040e7cd9d4035f60a464433a0800bec1590e528569ffa784

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q5iqSl_UicfkAZokHImRRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://farming.baokhangelectric.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q5iqSl_UicfkAZokHImRRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 14:10:34 GMT
expires: Wed, 20 Mar 2024 14:10:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C2A 40 KB
16 KB 24ms
23ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:28:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 23:28:28 GMT

GET
H3 200 ad-position-.php Show response
fundingchoicesmessages.google.com/f/AGSKWxWN5BtBo-yWizjEhW6rU__QoocXXPfv0wFGHsmXoQg210IZSWd920t4_fgei72AsMeO2GEcFb3dX3dPL2iglxfpSnLlIUjmYUU0JiXtWYYOLwBj7mWYmrH1-UuVeObeuH0Bkh-yCeS1z9N7Ve0yjrogeVwX5... 54 B
110 B 39ms
38ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWN5BtBo-yWizjEhW6rU__QoocXXPfv0wFGHsmXoQg210IZSWd920t4_fgei72AsMeO2GEcFb3dX3dPL2iglxfpSnLlIUjmYUU0JiXtWYYOLwBj7mWYmrH1-UuVeObeuH0Bkh-yCeS1z9N7Ve0yjrogeVwX53w-4NEkGs11sh-GIlgJS9mB42CPYmqI/_/rightads./ad-position-.php?zone_id==728x90_/adswidejs.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UzMdSZdOtMI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz2_tFx2tlCKYNluTV9n93kPe3rFw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3deb54db6522ebcc40c0d1934f137544c2bd0b756b370b4984744612bded85fb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Kn0nFyRbN-N1EWZpEV8NTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Kn0nFyRbN-N1EWZpEV8NTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNcevO6_VsAium3pIHAK5aMRs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 19ms
17ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93267fc7208b7996baac7a97accffe1d9de9bb61feac2f0f43494b439609d797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24394
x-xss-protection: 0
server: cafe
etag: 5913401198690698401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:38:12 GMT

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 76ms
38ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d51qWFpvwqfDsh007NPBmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d51qWFpvwqfDsh007NPBmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIm-PWndfr2QR2fD9uCAC_Egyh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://farming.baokhangelectric.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
39ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dCVQEo5xlOi2YATldqtCJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-dCVQEo5xlOi2YATldqtCJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIm-PWndfr2QQmHJ5uDwC9hAwj"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://farming.baokhangelectric.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
42ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oT8dreMN3Z1vSXjGxPcFCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-oT8dreMN3Z1vSXjGxPcFCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIm-PWndfr2QQ-bHrtDQC9-QzG"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://farming.baokhangelectric.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 41ms
40ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hqbXAI-6rKVNQuOWRgU0hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-hqbXAI-6rKVNQuOWRgU0hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIm-PWndfr2QRmfDnsDQC_ggyb"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://farming.baokhangelectric.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVMDLuwDr16ZkNPb2oe8NFzI7_zSuo7hq9sCefJ0UWQ3wF-dd8Zfzctv7iseBaW4fYh9ZE_nGhbYzvnSqQH3guqwFhGNbNWHWHdk6oHfAnh3N8aT-bHAWjJ-nwcMDsVlt9ZyWYXJQ== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 63ms
62ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVMDLuwDr16ZkNPb2oe8NFzI7_zSuo7hq9sCefJ0UWQ3wF-dd8Zfzctv7iseBaW4fYh9ZE_nGhbYzvnSqQH3guqwFhGNbNWHWHdk6oHfAnh3N8aT-bHAWjJ-nwcMDsVlt9ZyWYXJQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTQzODM0LDEzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmFybWluZy5iYW9raGFuZ2VsZWN0cmljLmNvbS8iLG51bGwsW1s4LCJVek1kU1pkT3RNSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

270304e583c57a969622975d01842a9e65c88ab7ec25869e2aba040a5f0d3808

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vCCl_ep2omZRYi901RbWDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-vCCl_ep2omZRYi901RbWDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNcevO6_VsAg-uvI8EALE9MeM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E63D 0
0 77ms
76ms Image
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240314&jk=4395285443401647&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 36ms
35ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uqT864SMCZ71BCIuzyPSBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-uqT864SMCZ71BCIuzyPSBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIm-PWndfr2QR-nDhQDgC__wzz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://farming.baokhangelectric.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXmfg-s70FSSaepV21kryFMkyibcC3N-i2tQG99F5mHNygoLQJ9RPGRDvmzY58Jn3TCfDGXyUTkdgzUTbFs6zUQUtfx0Is5BWrqmnFHUnFDRBAOUuAt0ax98hg4Aj6cD9dGaElY0g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 52ms
50ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXmfg-s70FSSaepV21kryFMkyibcC3N-i2tQG99F5mHNygoLQJ9RPGRDvmzY58Jn3TCfDGXyUTkdgzUTbFs6zUQUtfx0Is5BWrqmnFHUnFDRBAOUuAt0ax98hg4Aj6cD9dGaElY0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTQzODM0LDIzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmFybWluZy5iYW9raGFuZ2VsZWN0cmljLmNvbS8iLG51bGwsW1s4LCJVek1kU1pkT3RNSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cee86eedc988de3667b7d4ab3d8f15c089436ce8679090fb030a8da92da38c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PODg1DqtsTH_WCzER8rx9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-PODg1DqtsTH_WCzER8rx9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw05BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEzXHrzuv1bAIPWg_WAwD6CDaY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C2A 0
10 B 16ms
16ms Image
text/plain 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4WnuTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C34 42 B
64 B 79ms
78ms Fetch
image/gif 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTa8JDd28AC9yoh77PpGU5Zq7c7zxMH4GcoGcP2OIEOFpG4AwOH1fJDgaTRVsugG5V4d5a_hElH3RG8nQ6-JterCZdDOPGDip41O42Evkbh0CgQd1S-0sq0KPMPrhfR7lqzjK-wk2q2-jkOY2lf4GCHEatMWnRgYc&sai=AMfl-YT3eU7l0CAj1_0a6E9Pg2Rs_AudKJ4WJetedTgO9yCaSqQHdtuewEPUUVaRC8zGEtA0y0iXi3Z1cor-dn5rdJOKelb-D8awrgp04KGLxUr8h4o1pFxg23IALBZx1mgdHOE1IAXIrMZHTqnugOIB&sig=Cg0ArKJSzNQCB_F7AJ51EAE&cid=CAQSTgB7FLtqZkRifP15tWYi9RSwvZLHKhsfsD4wM0B424Cbq2U55GtyU60p_qWyRFb42yT3bvkZjvmGLTIqifiUZPGCUenjXkWEC2iH8Uxn-xgB&id=lidar2&mcvt=1060&p=0,0,124,1005&mtos=0,889,1060,1060,1060&tos=0,889,171,0,0&v=20240318&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=687663300&rst=1710943833051&rpt=487&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 14:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWSNuLN-JbQIsz9uj4Ag_bjnFQca5D-kfwsfiW16fh1fUKZKkGj44i9WVpB1ktP10Oxhu4KxEdSw376HuKJuSl-5_GpFCG7fRAjgfJUkOJOahvHKKixmWzPW3QS7mCmG1EE21cjlA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 44ms
44ms Script
application/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWSNuLN-JbQIsz9uj4Ag_bjnFQca5D-kfwsfiW16fh1fUKZKkGj44i9WVpB1ktP10Oxhu4KxEdSw376HuKJuSl-5_GpFCG7fRAjgfJUkOJOahvHKKixmWzPW3QS7mCmG1EE21cjlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwOTQzODM0LDY1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mYXJtaW5nLmJhb2toYW5nZWxlY3RyaWMuY29tLyIsbnVsbCxbWzgsIlV6TWRTWmRPdE1JIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db6dbfbc8e6ca4dea4fa9001347425998c883d845afb7890d1486ea81168d2b5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YZn5CILYawbZiHnMpjIEwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YZn5CILYawbZiHnMpjIEwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDcevO6_VsAjcOHjrCBADhtDIG"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUneHrLKJPMU15Qb3K5jhfdgKolhRSW-ZXELi-uNCidXDH1MVWfUSkj2mpWKv7b_gV_cQs5vnUorLVlKXEvV9ksPEl1k0mSLS5PaouLK1kr_fmxFU0LXFBoX-bc-to5caronJAYtA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
35ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUneHrLKJPMU15Qb3K5jhfdgKolhRSW-ZXELi-uNCidXDH1MVWfUSkj2mpWKv7b_gV_cQs5vnUorLVlKXEvV9ksPEl1k0mSLS5PaouLK1kr_fmxFU0LXFBoX-bc-to5caronJAYtA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yqBnvjS5bn7qy1rMvItDsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yqBnvjS5bn7qy1rMvItDsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-PWndfr2QQ6Nly_yQQAyvIM4w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://farming.baokhangelectric.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 37ms
36ms XHR
text/html 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-BkAiSCyzIGExgb3AY3LumxupqDSvz89zj4MZ25NcuwH0IE-qZna9c84bw5ZP58ci_zUXbh_GfQ9RniFUF_uGVh4s4XhTrTh3uhpsMZ_zZMmEKsv8CwZKVr7sv4W5X3Xq0iHCzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hpnl44OtQl2ZaBgJYE7BsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://farming.baokhangelectric.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Mar 2024 14:10:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-hpnl44OtQl2ZaBgJYE7BsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIh-PWndfr2QR2PHxxiwkAzFMNUg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://farming.baokhangelectric.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240314&jk=4395285443401647&bg=!w8ClwI_NAAZaswqNerM7ADQBe5WfOARwmW0S8PCUGlSRIrSZukPH0bJJoYyXlPfwMgnMVwUKJm08kZGSCJG-t-nYPsMOAgAAAjVSAAAABGgBB34ANQU9UDe9c9lvlifEO-ZxFV9wf_3jdlHicvvGtL_ityffwd4FRagP6wTFHSqnYFiCOxvQil9umQJvjN3GCsm1Blvt85_vuXzvw4QC9Zn6lOK9UNhba102iNiH0TXulnOW26PiggmjrdrGi9xLRFFxMuM3Pf9LPZ_EEpXootJ9qIPqAboGdNQMdoj_LDbndYcb2bmkKnEcXEeRR6q_41SoIR8Nevm-9fOVMllJnn2Uoo7KTae3Ktyw_pFueMCYBMqEemGk9c7_QTVEed2bho-kOt_PKouOJjCkfsXk_rKhJK04CiT1dFS-QfC-zUG-uGPtkVeBM0pH1RpWgki5hTEWbzva0_IPKg8QJNENMbSIdfsX7HDl1XERhsOb3ZNNVvwDQfgfaL-42yRDcr55QtQlMqch7NVCPIX4P87kjKLGx3UizV0wgmFCNOsdshBCbwDsvX-fu94LfRDVuSzsAOxWI8SDhRpY3SLdlRVnhJrrRHXpychXmLjEgQWE0_Pe15tcoNwWbvfhQ369j37w005n8ay6iS1Sdt4cwj4S-hCs6cqkDp-pPxape8mhKtCsi_Hj52w_uKuwBL3gwy1lN2XTjJtMaAr-mW12gD1HJzjJSLloynphMfcRUkjTE6-SP7GAO2pVfz3haKKIsjUaM_Jrq9hCiLcsTVV3itMCE-xWDk6Mz985ymVv79DOVgf7w2dc5Qj6oYACVjWR1sxd8i5arytGfzTQZQ7BTmkuyrlUTI2N64V_tBzRRQASLfITFa5uHitetaOJF8uq6dtssI6gFyTYIBtLQy0ATz1QY0nNvVie-hEKZ0bD8UEyNrx8_cwRiyX7qAoLPS11YqhMQCDMyCSzOmn04CI1ehS1rh3yXYC9UxWdEMthwQxFsBQ0tg6oa7AM0u0j7nU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://farming.baokhangelectric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baokhangelectric.com/	1970-01-21 04:37:19	Name: __gads Value: ID=25293ef1b18f7b5f:T=1710943831:RT=1710943831:S=ALNI_MYz0myMUm9pOucQF8fOZeQBUWdo3A
.baokhangelectric.com/	1970-01-21 04:37:19	Name: __gpi Value: UID=00000dd412699978:T=1710943831:RT=1710943831:S=ALNI_MaRHed2vl5aL5XFw1ny1Bms0a6KCQ
.baokhangelectric.com/	1970-01-20 23:34:55	Name: __eoi Value: ID=794f06e3ff2f6b61:T=1710943831:RT=1710943831:S=AA-AfjZerCtE0MUdfF2AxB41bnm-
.doubleclick.net/	1970-01-21 04:51:43	Name: IDE Value: AHWqTUkdcz_IWGgFZaNgyP3xVyHPsvEUOnACrK9k-Cgwjun0Y7U9nlpS2_fGNPT10Go
.googleadservices.com/	1970-01-20 21:25:19	Name: ar_debug Value: 1
.baokhangelectric.com/	1970-01-21 04:01:19	Name: FCNEC Value: %5B%5B%22AKsRol-sngh4NqP4APfNnf1KU1YLNv9ek5Z4i3LOdmMn19prdzNyyomOCjdNqNBUgwgFDSwQdsRFAQpQHKlfczXx8QndJG7Sq48tdPci4Stme_aQjJbHlFYVJ_KIqRafoLePuZqNOv8zLWmhCzIZ8WoKo1hC4FEhKQ%3D%3D%22%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://farming.baokhangelectric.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

farming.baokhangelectric.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.31.155
2606:4700:3034::6815:5c1
2607:f8b0:4004:c06::67
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::65
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1f::5e
2607:f8b0:4004:c1f::84
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
05805153e0bdc12227082ea8c38e7b9e706252f9449accbed337d83e5a4b3418
07f42344d0648524d970cea25aa79bb571ee8025e2f7f22002fc276c8ae2f48a
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
114786cb1a42e4415ef84105b81744dcb4ad5ce4b147506cec15794d050ea7c1
183efb1af3db1d0c7e3a03b749a674457753959a11875f4b49c0225a70833ba3
1dbec753cfd0c5548e5ceb84d3ca357b19765374d0b7856d2b4d2943959da93b
2296e18b183931a3040e7cd9d4035f60a464433a0800bec1590e528569ffa784
270304e583c57a969622975d01842a9e65c88ab7ec25869e2aba040a5f0d3808
27e17dc5e257ddfe1ca816f1f4fc2b85752a83067f00b191d3b8b8846108c94c
2ac9bf7f115c52c4c119ee06acd99e9428ac40517a9fa547c6bd3c104ec61490
2de8a5529c85917f9921a32514a855433428d0ae65e539ac4da1be56430ccc54
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
374b9bbed6944f6a7da682c66f91e4c0c2a224592e78a321e5bd92ca255e1d10
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3dbec56b387de9c8033cbf314c8f16e80415a09dcb08ce67aecb30b1e15736f3
3deb54db6522ebcc40c0d1934f137544c2bd0b756b370b4984744612bded85fb
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35
4e6e51484d31a8655acc7f3aed4ae417a39c0b6f764d7f29d5f1b42dc496acdb
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6964977dcebf7492ce44263df654fb5c3324fc04106e9878bab5104f0bb5abb9
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
8b1006cd2dad071e646c5405b21bf4ed8f8de6899ffd2bd85dc8571c185ccad4
93267fc7208b7996baac7a97accffe1d9de9bb61feac2f0f43494b439609d797
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a666300f424ad90f098284764b5c31b85615260b8313f562515e69434b3131d2
aa8ad24520298d5020aef6134405067f51125bec9004a050c2b217974856dcfb
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
b7c499a7656606b5b0aa30370937e568b1520416590881a3aefe795995f38c74
c3f54457974d1ef9d362a5ff3d50f53e71bcf476904b52f3b23f8ee23a186abd
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc99182347eaeebf76e16093f0c7726ba43adbe128e740afe5a93c1779a945d0
cee86eedc988de3667b7d4ab3d8f15c089436ce8679090fb030a8da92da38c60
d802ef8a8d4d5907c3d164a07c8377ff76a17640f374096e7c2f2a2a68f7570f
db6dbfbc8e6ca4dea4fa9001347425998c883d845afb7890d1486ea81168d2b5
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77946302a1088834c4bcd912a0f02038c74d183c0012fce001b36bd0a9443be
e9f3a1a756a30340ec5cd9a17f1612e070f12fe49da0e4bb9809cf04f1bac6f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14351074e6385f553b61e40db518687b693be031d06fb5883cd2d89f2b0ffeb
f3fbad89db9d9204ebcd2c461178b276ea64c31fac68b0cb2ee1f5d79abc505f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

farming.baokhangelectric.com Open in urlscan Pro 2606:4700:3034::6815:5c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

97 %HTTPS

90 %IPv6

7 Domains

10 Subdomains

11 IPs

1 Countries

1367 kBTransfer

3071 kBSize

6 Cookies

1 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

farming.baokhangelectric.com Open in urlscan Pro
2606:4700:3034::6815:5c1 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

97 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

1367 kB
Transfer

3071 kB
Size

6
Cookies

76 HTTP transactions
1 data transactions