urlscan.io logo urlscan.io
SecurityTrails logo

m-r.pw Open in urlscan Pro
107.152.32.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m-r.pw/0.997440348222798
Effective URL: https://m-r.pw/0.997440348222798
Submission: On August 03 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 65 HTTP transactions. The main IP is 107.152.32.27, located in United States and belongs to TZULO, US. The main domain is m-r.pw.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 26th 2024. Valid for: a year.
This is the only time m-r.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 107.152.32.27 11878 (TZULO)
1 142.251.179.97 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 104.18.186.31 13335 (CLOUDFLAR...)
10 142.251.163.155 15169 (GOOGLE)
1 173.194.205.95 15169 (GOOGLE)
1 142.250.31.102 15169 (GOOGLE)
5 142.251.179.154 15169 (GOOGLE)
14 74.125.192.113 15169 (GOOGLE)
2 142.251.174.132 15169 (GOOGLE)
1 142.251.174.105 15169 (GOOGLE)
65 12
26    107.152.32.27 (United States)

ASN11878 (TZULO, US)
m-r.pw
1    142.251.179.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f97.1e100.net
www.googletagmanager.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
pagead2.googlesyndication.com
1    173.194.205.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f95.1e100.net
fonts.googleapis.com
1    142.250.31.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f102.1e100.net
www.google-analytics.com
5    142.251.179.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net
googleads.g.doubleclick.net
14    74.125.192.113 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f113.1e100.net
fundingchoicesmessages.google.com
2    142.251.174.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f132.1e100.net
tpc.googlesyndication.com
1    142.251.174.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f105.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
26 m-r.pw
m-r.pw
2 MB
15 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
www.google.com — Cisco Umbrella Rank: 10
78 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
304 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
33 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
775 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
95 KB
65 9
Domain Requested by
26 m-r.pw m-r.pw
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 pagead2.googlesyndication.com m-r.pw
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdnjs.cloudflare.com m-r.pw
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com m-r.pw
1 cdn.jsdelivr.net m-r.pw
1 www.googletagmanager.com m-r.pw
65 11

This site contains links to these domains. Also see Links.

Domain
blog.m-r.pw
Subject Issuer Validity Valid
m-r.pw
Sectigo RSA Domain Validation Secure Server CA		 2024-07-26 -
2025-08-10		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://m-r.pw/0.997440348222798
Frame ID: 5A308C3C7CC6D16E37F7B1C1D0AF9C8C
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Frame ID: F298777F41810FA98F6AAB732D459337
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1722651933&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm-r.pw%2F0.997440348222798&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_4~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722651932685&bpp=6&bdt=7949&idt=429&shv=r20240731&mjsv=m202407290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6583290135159&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C31085722%2C44795922%2C95331690%2C95334528%2C95334829%2C95337587%2C95337870%2C31085750%2C31084187%2C95336521%2C95339223%2C95336267%2C95339098%2C31078663%2C31078668%2C31078670&oid=2&pvsid=246788160612407&tmod=75846879&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=466
Frame ID: 9262B32075E5D4F20D1649E0CBD5200F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&h=280&slotname=1008669888&adk=3937767687&adf=3025194257&pi=t.ma~as.1008669888&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1722651933&rafmt=1&format=1200x280&url=https%3A%2F%2Fm-r.pw%2F0.997440348222798&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722651932691&bpp=2&bdt=7955&idt=487&shv=r20240731&mjsv=m202407290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6583290135159&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C31085722%2C44795922%2C95331690%2C95334528%2C95334829%2C95337587%2C95337870%2C31085750%2C31084187%2C95336521%2C95339223%2C95336267%2C95339098%2C31078663%2C31078668%2C31078670&oid=2&pvsid=246788160612407&tmod=75846879&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=499
Frame ID: E59C94AABC1BF3273D158B77A5747B86
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 13AD6F1C273EB7F1F67AB0AB6BDED295
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E376A7484681BA6D96BBAA64AFE4B7E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Frame ID: 2C61AE6846936AA6992DD43261B6C3F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Frame ID: 8236DD3DAFC797164FC7D0D01DD89EFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

غير موجود | m-r.pw

Page URL History Show full URLs

  1. http://m-r.pw/0.997440348222798 HTTP 307
    https://m-r.pw/0.997440348222798 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

65
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2121 kB
Transfer

3368 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m-r.pw/0.997440348222798 HTTP 307
    https://m-r.pw/0.997440348222798 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.997440348222798
m-r.pw/
Redirect Chain
  • http://m-r.pw/0.997440348222798
  • https://m-r.pw/0.997440348222798
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
1e5ffa4e3225042baf1b844b576c0fd5dae1ad0130cbebf98cb5e4f29cbf2def

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Aug 2024 02:25:24 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://m-r.pw/0.997440348222798
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EDL2BRS35E
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c177a35fdbf2a1915f0eddf3e140224cfe73e9048a7ce4fd582d31984c63f51c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96771
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Aug 2024 02:25:32 GMT
boxicons.min.css
m-r.pw/css/ 		62 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/boxicons.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:25 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
63781
bootstrap.min.css
m-r.pw/css/ 		141 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/bootstrap.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:25 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
144877
dataTables.bootstrap4.min.css
m-r.pw/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/dataTables.bootstrap4.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
66830be1b44d61cd3d4bba46fb632e8447829c1f5141fe7e236aa059ebfa0f6b

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:27 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5232
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
815920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OadWL%2FkFe8OsBcsROmFxf7o1679ppVhlZFw6qz3jRsjBMj3pbqg%2FZ2RdaQE%2Fe0DCgtpRe%2BBryEwuJ0tEMlvNhMTk1uCDlPjj7E794RmMN668HbAdt42p2Vr3ga4R1h7F4r0VQM%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ad2db6278ec53f5-YYZ
expires
Thu, 24 Jul 2025 02:25:24 GMT
responsive.bootstrap4.min.css
m-r.pw/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/responsive.bootstrap4.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
53b70abc117de82792aa9ccd127c4ee911ff84e25be57c3cf39b6eb134d7eb02

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:26 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4463
app.css
m-r.pw/css/ 		19 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/app.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
eb62517b0ae8d527239d39363456e2ef08d7da045e01a98ef51229e8230a582a

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:26 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18984
qrcode-styling.js
m-r.pw/js/ 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/qrcode-styling.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
5b5e816fb9ff694b6f1327105a3e7f202c84247a1140291f51af4666d9a2217a

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Wed, 12 Apr 2023 11:37:45 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
52233
daterangepicker.css
m-r.pw/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/css/daterangepicker.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 20:10:26 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8069
jquery.form.min.js
m-r.pw/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/jquery.form.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
dd329c644951f3c041200e8279e3c90063ac5b5c8861fe253fca48df7dd8b99c

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
17094
jquery.twbsPagination.min.js
m-r.pw/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/jquery.twbsPagination.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
b30becffbd87d8966b21bc8374cb2442fdadd1ba533b9b6024e595301819aba5

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6542
dropzone.min.js
m-r.pw/ 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/dropzone.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:38:56 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
114702
dropzone.min.css
m-r.pw/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/dropzone.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:24 GMT
Last-Modified
Tue, 13 Dec 2022 21:40:04 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
9830
resumable.min.js
m-r.pw/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/resumable.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
0c617285716b9f4a1eda3afcbccd1e6be053ef78677eecb50eefa06ccab03146

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:22 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
16586
sweetalert2@11
cdn.jsdelivr.net/npm/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3ab4c622eed4d8f0e66077932dc3661a48e5685876436541b19751cd128ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36106
x-jsd-version
11.12.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19565
x-served-by
cache-fra-eddf8230029-FRA, cache-lga21928-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"12da3-ovl4d0ysiwlhvi1Tg4NELKs9OyA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmgY41TZyDdfX5cDBFVkmqifxNMsfc6zy3yS1lUMQIoNQ1x%2Bq6TnhY78nOtM4n%2FHo4WUuUqrUdk8eqdTT96O6XuDyr6woelXhObU40QLsJgFA%2F3jBuUeRdu25HVJqwjpUv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ad2db917f2ea214-YYZ
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
813679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvuKMJM62WuTCihVk07MOZYzR0HBlMJtx1LguVV8QKRh6BDJRmLhc6iJ58VXO7i9qJiRKHy3mmyBnjWQIEhMDUO6O5bXvZrqaEImPIzOIPE%2BvJvJfQ6GC8mxXdtmxGH7mMSxJiNL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ad2db6278ed53f5-YYZ
expires
Thu, 24 Jul 2025 02:25:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
5c08873605bd7cf608a0db6be6230a22139a8972c8c9ac8b5483853f45cfcfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Origin
https://m-r.pw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53697
x-xss-protection
0
server
cafe
etag
3839145473998043246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 03 Aug 2024 02:25:32 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f95.1e100.net
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 03 Aug 2024 02:25:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Aug 2024 02:25:32 GMT
logo.svg
m-r.pw/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m-r.pw/logo.svg
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
dfbc04855b36a4f1602467e1a14ec1a9f974974cd1e94e604906635e263622de

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Sat, 31 Dec 2022 14:29:31 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7074
logo.svg
m-r.pw/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m-r.pw/images/logo.svg
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
dfbc04855b36a4f1602467e1a14ec1a9f974974cd1e94e604906635e263622de

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:38:34 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
7074
qrcode.min.js
m-r.pw/js/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/qrcode.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:21 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
19927
jquery.dataTables.min.js
m-r.pw/js/ 		173 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/jquery.dataTables.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
686761cc3a93f247ede72b4a37060a89d65b6abdeb4e6d31685f2173e5d0ec7e

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:22 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
176810
bootstrap.min.js
m-r.pw/js/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/bootstrap.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:19 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
48944
dataTables.bootstrap4.min.js
m-r.pw/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/dataTables.bootstrap4.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
d8ccda79c0869303bbef93ef44992a313778b11e9cb918909644f6894782b125

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:22 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
4520
dataTables.responsive.min.js
m-r.pw/js/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/dataTables.responsive.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
7feaf64d7dca902e9abe9bfb17c6d18556593bc9d6ef126198229dea4ecfa861

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:23 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
16849
responsive.bootstrap4.min.js
m-r.pw/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/responsive.bootstrap4.min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
308c5ac6865fe2c0252c5abaed7b8055e542d4943b85b5b99823c994e4bbc11d

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:21 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3661
app.js
m-r.pw/js/ 		616 KB
616 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/js/app.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
707f4f083579671e2c56bc823e4e7b61c52a605e369a6c6c727985e138b2610f

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:23 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
630476
betadropzone-min.js
m-r.pw/ 		45 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/betadropzone-min.js
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
361bf85c74bc182c9d5e7f2a90731157c698e9b87f9a95c2668b15cb83d393a2

Request headers

Referer
Origin
https://m-r.pw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:25 GMT
Last-Modified
Tue, 13 Dec 2022 21:38:58 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
46446
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EDL2BRS35E&gtm=45je47v0v874488705za200&_p=1722651924898&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=620660135.1722651932&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722651932&sct=1&seg=0&dl=https%3A%2F%2Fm-r.pw%2F0.997440348222798&dt=%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%20%7C%20m-r.pw&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8452
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EDL2BRS35E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Aug 2024 02:25:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
boxicons.woff2
m-r.pw/fonts/ 		101 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/fonts/boxicons.woff2
Requested by
Host: m-r.pw
URL: https://m-r.pw/css/boxicons.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7

Request headers

Referer
https://m-r.pw/css/boxicons.min.css
Origin
https://m-r.pw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:32 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:41 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
102988
jannat.ttf
m-r.pw/fonts/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/fonts/jannat.ttf
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
e04f9ee8d10ee25525bfbb4c44f856853568bd39de59c7bc9a2da1683fee01c3

Request headers

Referer
https://m-r.pw/0.997440348222798
Origin
https://m-r.pw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:32 GMT
Last-Modified
Tue, 13 Dec 2022 21:37:40 GMT
Server
Apache
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
56088
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Requested by
Host: m-r.pw
URL: https://m-r.pw/0.997440348222798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
5c08873605bd7cf608a0db6be6230a22139a8972c8c9ac8b5483853f45cfcfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Origin
https://m-r.pw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53697
x-xss-protection
0
server
cafe
etag
3839145473998043246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 03 Aug 2024 02:25:32 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/slotcar_library_fy2021.js?bust=31085750
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
489d06a3de2eb8180fc321976b4129613139ca13a8a57154e829bc2eaab2ced2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31458
x-xss-protection
0
server
cafe
etag
2020035554506338364
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Aug 2024 02:25:32 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/ 		425 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
682ba9c36ec8526c9923d750fa57d7f0c598cf2ce3c4002f9eed5b5fed27125e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146726
x-xss-protection
0
server
cafe
etag
11637881759962449405
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Aug 2024 02:25:32 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1438122513328653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/ Frame F298 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
23732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 19:50:01 GMT
etag
2738592464165616
expires
Fri, 16 Aug 2024 19:50:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9262 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1722651933&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm-r.pw%2F0.997440348222798&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_4~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722651932685&bpp=6&bdt=7949&idt=429&shv=r20240731&mjsv=m202407290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6583290135159&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C31085722%2C44795922%2C95331690%2C95334528%2C95334829%2C95337587%2C95337870%2C31085750%2C31084187%2C95336521%2C95339223%2C95336267%2C95339098%2C31078663%2C31078668%2C31078670&oid=2&pvsid=246788160612407&tmod=75846879&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45260
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Aug 2024 02:25:33 GMT
expires
Sat, 03 Aug 2024 02:25:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E59C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1438122513328653&output=html&h=280&slotname=1008669888&adk=3937767687&adf=3025194257&pi=t.ma~as.1008669888&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1722651933&rafmt=1&format=1200x280&url=https%3A%2F%2Fm-r.pw%2F0.997440348222798&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722651932691&bpp=2&bdt=7955&idt=487&shv=r20240731&mjsv=m202407290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6583290135159&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C31085722%2C44795922%2C95331690%2C95334528%2C95334829%2C95337587%2C95337870%2C31085750%2C31084187%2C95336521%2C95339223%2C95336267%2C95339098%2C31078663%2C31078668%2C31078670&oid=2&pvsid=246788160612407&tmod=75846879&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=499
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Aug 2024 02:25:33 GMT
expires
Sat, 03 Aug 2024 02:25:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240731&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7c5321d22ac644f57a7fa03d062443929d2f64c2e7a459f49a8f6dcf40382772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12874
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/reactive_library_fy2021.js?bust=31085750
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
e4cbbbef44cfe8c91860cf403e010229b7f5ee6eb82b5b85ab106d3c08b488f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59110
x-xss-protection
0
server
cafe
etag
14832527357684448379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Aug 2024 02:25:33 GMT
ca-pub-1438122513328653
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1438122513328653?href=https%3A%2F%2Fm-r.pw%2F0.997440348222798&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
6d160b973ddc8fee20d7dc389fb2e9c7f6bca29ceb21547a66b16feb6ac22cad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-phCuPPCTPIzyAG_NVJLaVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-phCuPPCTPIzyAG_NVJLaVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmII1JBiUAzbyXTi1m2mC0B83ukO03Uglvj6kkkNiJ3SZ7AGALFP_QzWKCBuvXmOdTIQf358jvU3ECf9O89aAMTuWhdZ_YF4ScRF1gOJF1kPPr7IehKIDRUusdoD8fT6S6zzgViIh2Puqm1b2QQO_Dt9jFlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDCwFDPwCS-wAAAv_5JYQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31085664%2C31085722%2C44795922%2C95331690%2C95334528%2C95334829%2C95337587%2C95337870%2C31085750%2C31084187%2C95336521%2C95339223%2C95336267%2C95339098%2C31078663%2C31078668%2C31078670&hl=ar&pvc=246788160612407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Aug 2024 02:25:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
m-r.pw/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://m-r.pw/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.152.32.27 , United States, ASN11878 (TZULO, US),
Reverse DNS
Software
Apache /
Resource Hash
5d13f4066b32a384c03819375741d8781dc5c1dbd9f251bc7305cfc5f82893bd

Request headers

Referer
https://m-r.pw/0.997440348222798
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 03 Aug 2024 02:25:33 GMT
Last-Modified
Sat, 31 Dec 2022 05:20:56 GMT
Server
Apache
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
34494
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Aug 2024 02:25:34 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 13AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
228649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 10:54:45 GMT
expires
Thu, 31 Jul 2025 10:54:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E376 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KiwjkKGR8UlovHiVDj1CBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m-r.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KiwjkKGR8UlovHiVDj1CBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Aug 2024 02:25:34 GMT
expires
Sat, 03 Aug 2024 02:25:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lyO1lPuGmbZgGICz60h07Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-lyO1lPuGmbZgGICz60h07Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0gDi9BmsIUD8-fE51t9A7K51kdUfiJdEXGQ9kniRdXr9Jdb5QCzEzTFv1batbAI_fs-qU3JJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBhYGhnoG5vEFBgBatTJh"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXJghelM-4uYImvHzbKAq0gDq2xK2X7y31aYlucZDtzdZko-2DOo8Ps_lhsNZHNJ_6QwIzIZKUZOoFMs54zHB1ygY-_gqN9RUZpMQJ-WzTJ-9LGaexZrOH8PxpT0cu52Jj16BlKmg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXJghelM-4uYImvHzbKAq0gDq2xK2X7y31aYlucZDtzdZko-2DOo8Ps_lhsNZHNJ_6QwIzIZKUZOoFMs54zHB1ygY-_gqN9RUZpMQJ-WzTJ-9LGaexZrOH8PxpT0cu52Jj16BlKmg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNjUxOTM0LDE1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tLXIucHcvMC45OTc0NDAzNDgyMjI3OTgiLG51bGwsW1s4LCJqRHEzaEpUczZWcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxOTFdLDAsMTBdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
c49650a9c9cc4df10356cd716c19fb54eba0bc90434999040c04f33299357d51
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sb1VEVxUURwgeHMX4AuZtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-sb1VEVxUURwgeHMX4AuZtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0xb9W2rWwCDY9uJSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYGOoZmMQXGAAAe99CZw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/ Frame 2C61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
23732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 19:50:01 GMT
etag
2738592464165616
expires
Fri, 16 Aug 2024 19:50:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/ Frame 8236 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240731/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407290101/show_ads_impl_fy2021.js?bust=31085750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
23732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 19:50:01 GMT
etag
2738592464165616
expires
Fri, 16 Aug 2024 19:50:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads_google_ads_
fundingchoicesmessages.google.com/f/AGSKWxVcxXBjLa-k5acaSSUoTyBxTniW8D-40O6tS4cIlZdb-N7bOal53y5-FaUq1okXy0nyLP5RjxbVcS3kxsHvWjOGxrwA5ctYCkQf25TgvJYD-1XwBu1eFfE8Z8H6g6QLUWbF8MuJ6-dEW8H6nQr2zjUmBEOvc... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcxXBjLa-k5acaSSUoTyBxTniW8D-40O6tS4cIlZdb-N7bOal53y5-FaUq1okXy0nyLP5RjxbVcS3kxsHvWjOGxrwA5ctYCkQf25TgvJYD-1XwBu1eFfE8Z8H6g6QLUWbF8MuJ6-dEW8H6nQr2zjUmBEOvc3c91qxgsERj54oLP9dXr3nb2wzmflnJ/_/ads300./ads/elementViewability./amzn_ads./custom/ads_google_ads_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwe8zQWGW7951eurVDXFV6QG76xzQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
68457def7fddce33b77325dfa05cfbf8ef16134df286ac6c5e57a1f9951157a2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8TvY-EDjqeCvwicAuf84pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8TvY-EDjqeCvwicAuf84pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxMMxb9W2rWwCDbMebmVW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwMDDUMzCJLzAAALM7Qn0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwe8zQWGW7951eurVDXFV6QG76xzQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 01:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
1932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Aug 2024 02:53:22 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lNts-S09qaIKBO0xQZ5bnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-lNts-S09qaIKBO0xQZ5bnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw05BiWMS_i8kpfQZrCBB_fnyO9TcQu2tdZPUH4iURF1mPJF5knV5_iXU-EAvxcMxbtW0rm0BH-7llzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCwFDPwDy-wAAACkozUg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NPmzU-HPIw9UK7h-zMdEmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-NPmzU-HPIw9UK7h-zMdEmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII0pBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwc81Zt28omsGDHimvMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwMLAUM_APL7AAABsuDJA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oEaUcj-ndzDQbkae-A6n2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-oEaUcj-ndzDQbkae-A6n2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII1JBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQtwc81dt28omsODwHXYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWCoZ2AeX2AAACqdMaw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sy3kO9jzU_13LglNUbZYFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-Sy3kO9jzU_13LglNUbZYFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw1ZBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQtwc81dt28omMGPKFCEll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWCoZ2AeX2AAAAO_MSw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXYMWjHHutAArDDp0gETtq-hd5ok6V7xMQWIcJ60_u6tu0y7_wAI-hLBLZRZ-P5sJ_Vq6-mby3jkYzVY74Ke_KOFjzc1vKqpl52Pu6ux9RUHl1DgoPIO6xnVKTbe9RhW-ysuX2mUA==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXYMWjHHutAArDDp0gETtq-hd5ok6V7xMQWIcJ60_u6tu0y7_wAI-hLBLZRZ-P5sJ_Vq6-mby3jkYzVY74Ke_KOFjzc1vKqpl52Pu6ux9RUHl1DgoPIO6xnVKTbe9RhW-ysuX2mUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNjUxOTM0LDk3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbS1yLnB3LzAuOTk3NDQwMzQ4MjIyNzk4IixudWxsLFtbOCwiakRxM2hKVHM2VnMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkxXSwwLDEwXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
a853d363588d99ea883e9fa2f678f4a46690a54f4200925f3ffa8673481757b5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rp7EEkwIPfJcRHn6MugI3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rp7EEkwIPfJcRHn6MugI3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0xf9W2rWwCC-7-ZVfSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMNQzMIkvMAAAeONCTQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1cQFFntAy38yOHZNXmakCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1cQFFntAy38yOHZNXmakCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw1pBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQtwc81dt28omcGL3NHUll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWCoZ2AeX2AAACIjMZg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUnqEtqepwnbEI8S7L5Z0PWTmg83-l2W63ECxYo97qEEjoTPsE0clLCcUzHYI1czYKnncC9xxZvCecVwHaOQDfY9THrPEiqpyQZvwNHxtQGQKqAgHFBXBRSWCwAgpKqj11PFWZV7A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUnqEtqepwnbEI8S7L5Z0PWTmg83-l2W63ECxYo97qEEjoTPsE0clLCcUzHYI1czYKnncC9xxZvCecVwHaOQDfY9THrPEiqpyQZvwNHxtQGQKqAgHFBXBRSWCwAgpKqj11PFWZV7A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNjUxOTM1LDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tLXIucHcvMC45OTc0NDAzNDgyMjI3OTgiLG51bGwsW1s4LCJqRHEzaEpUczZWcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxOTFdLDAsMTBdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e0fce3625dfd8acefcfe29348bbe61c6fbcf3a1ff8f0a2dec60fbfa2ae3c1386
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FzoUjzr-H-0aFFOUkWz8_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-FzoUjzr-H-0aFFOUkWz8_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0xf9W2rWwCEz690lHSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMNQzMIkvMAAAclxCUw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
AGSKWxUzLC7AzsMr4UNbflfvw-0OEii0u44tdEIgmTYaR9g6jES8evyh9I4DaN9lpdJhcR-zGZm5N7yKBgE9_5IFowKC1oRMYisceYIklptTX80QUBhFT1pwYPOkVr0G6J-Zfes8-ICVTg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUzLC7AzsMr4UNbflfvw-0OEii0u44tdEIgmTYaR9g6jES8evyh9I4DaN9lpdJhcR-zGZm5N7yKBgE9_5IFowKC1oRMYisceYIklptTX80QUBhFT1pwYPOkVr0G6J-Zfes8-ICVTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNjUxOTM1LDEzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tLXIucHcvMC45OTc0NDAzNDgyMjI3OTgiLG51bGwsW1s4LCJqRHEzaEpUczZWcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxOTFdLDAsMTBdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
b01ecc04e2c5027d7cb3a092746c92cb464832acdfd40d086666d219821d9904
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zMUangX68qNP9iNsvDU3iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zMUangX68qNP9iNsvDU3iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0xf9W2rWwCLxqWhyppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYGOoZmMQXGAAAbb5CJg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVpXyXp5KA7xH8gJRXJYK4uOL6-Ju7zYdE-Adleyq5QP2zCCgDXSy-6YaoVJxstms8UUCua17w4ogZs64gKqHOFpRICvvCIKtYwgghdLrAwHOFQiKoGG04pAipDBnU3ImmwTGcB4g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVpXyXp5KA7xH8gJRXJYK4uOL6-Ju7zYdE-Adleyq5QP2zCCgDXSy-6YaoVJxstms8UUCua17w4ogZs64gKqHOFpRICvvCIKtYwgghdLrAwHOFQiKoGG04pAipDBnU3ImmwTGcB4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-can-Y3MCj-8ybsadDlYi2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-can-Y3MCj-8ybsadDlYi2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw15BicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwc81dt28omcOFb631GJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGFgqGdgHl9gAAB_hDKI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUpOrqOxNun8wp0ZaJIP8kDQRZFfSowYPpxS3rWbkR7dsaJjpbCkP06UMrneD5C6gA8ACQVrIVSIr34ssJDtbq_00RMJLidMmkozJP1vwwhwv2gJXk7DQp4kbH4b5qvs6cnBPPNhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wuAgo3z-JsIqcBBfNDQAnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m-r.pw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Aug 2024 02:25:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wuAgo3z-JsIqcBBfNDQAnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0pBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwc81dt28om0LFw2TtGJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGFgqGdgHl9gAABg-zIe"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://m-r.pw
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240731&jk=246788160612407&bg=!8_Cl8L_NAAZjy5caQ8s7ADQBe5WfOOG4SRgEFJTRlibB-unvwEISpRrbhKTk_585bKvA9EzMGnPLiHAkpsjRQLhKBEjgAgAAAGRSAAAABGgBB34ANtQ_Trn7V1Lqfzv5MSjpq72KMZrVg8KYpK5KziNAbz0yNTK_GXGSjofUah4t6XxPlW_NI-difJkCpjhT4VmNKeIdhcE4vPr1kehlexME-9ViYsvH05OORpsfF45jwkd_YPZiq65M0IXqVXtlMpG5Dl-rn8XLu7opFyrahl9ScX0O0e9wINUIHzMTJC4gbGKk0SsuomaAToad7sj0DaRX4jH4S3qwqZMfjGy79M9-Np5SJXe5mJUYiQ5SIMpMEFTXd_aGIRDST7GEkFquVRR5zptVKAFhjMJK3ofmN3HQjtNtKj_SbIUbA2bnfZ6bzzPmBsAbEImVurzAPeLr9K4xNpNU_PVKwVQF_uTkIDWBav1puthukT5NTtAR9Sc8SqbShY37P_EB0QFnJmJ5QPSMS_B4LdCUfRor27gZN2skRRQf_7fb-HLPuwqCUsup8l1XjipjZDjk3YMA_p2ULpas_l-fTk7uUYk4NJE5QjCDu5NWEtwFVtGvLkZsPglaWY1V16_GLmPIod5B1FHV_8y04z-zPWrIjTcsru2_paVRmxXNDxBFjPf4Ytru8oFgZn-kL-l6VSYzVxqz7x4PT_F-LwUwQB8kWeP4eLcB9wTT_3IeFxu2WQZ1MX_Atd5M5-AYRBP-3VZd9lusRx2UHsM_CHRtf4UWvGljmd5KhRcdeCgn29w3H33YZVjC0jmTqcC1S9bZb-kh0xKno4auKlizCqXp1brZJAt75cCIHeMwCjTMszt_YfW_IxpNeRCb7uJ0M0-gMcePcM2I1Q1_ApV4_qLoJyQjkDr5T1lYouryd58O7koQNIItrvemtwDYNFpHdKicq6HZDOFZpIvMsVNi61T9B9VB10-82RWiPQ2MaWoq5dMMGNzXskg2FBE5ciqIUpCX8gf7fGHssM62aDOSYZHkA75SZ8YiPOslj33qY0Uy5XswJUZ1KCGREDJBspKZN7sUqi_xXOMgJFbOCPv8Tg

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| gtag object| dataLayer function| $ function| jQuery function| QRCodeStyling function| Dropzone function| default function| Resumable object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| QRCode object| $jscomp function| $jscomp$lookupPolyfilledValue function| DataTable object| bootstrap object| webpackChunk function| _ function| axios object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjZkZWU5ZmEwNWQyNDM3ZWxvYWRlcl9qcw== string| ZjZkZWU5ZmEwNWQyNDM3ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag boolean| 9b09306c-8c73-480e-abcd-afce0e5a0758

11 Cookies

Domain/Path Name / Value
m-r.pw/ Name: XSRF-TOKEN
Value: eyJpdiI6Im5BOGkvdmlRbmd6ODYveGZjU1dsd2c9PSIsInZhbHVlIjoieUJtdkNrTU54LzduNlJtSDZJb0NsOTUyWVhaVDFybUt6SGhXMTBJMjJXbkM2Q2paRlExdUJCVGUzZjJjVGpLM1JCRnl1MmZYZWRVOUY1WFFmZ2twRndPYjh5QlduTW9Wb1g4c3dLeGtITHo0eGpUeHV3NEFKb1I2MURqQWw1VVAiLCJtYWMiOiI5M2U5YmEyNDZkNTc3NDk1NTBmMmY0OWEyMTU2Zjk2MjIwNmU5MGY2NzkxMmY5YjM5YjdhZmIwOTUwNWY3YzgxIiwidGFnIjoiIn0%3D
m-r.pw/ Name: m_rpw_session
Value: eyJpdiI6Ik5TN05QVEttK3pXQjBhcU56S0pXVnc9PSIsInZhbHVlIjoiT0xKejk0S0I2Q1Q0aVhYdmhpM05Cd2U4SUN4WTlHWjNBamJGM0c4eFdJbW9QSHB4bjZRMm52ckR2NjQ2TGJKTEVKUG43WGxtNjFNRlEvTTYzN0U2c3NPZVFkbXR4YUtYMlNOMHpRazhHRUp6NjBjNThHOGRJTWx1NEZyZXFQeVUiLCJtYWMiOiIzODE2MTA2NzFhNTVmNmIyZmI2YmIwZmJkNDU1YWQyOTc3ZDMxNzkwMjAwYmE4MDg0YzU5MjA3ZTc4Nzc0MzlmIiwidGFnIjoiIn0%3D
.m-r.pw/ Name: _ga
Value: GA1.1.620660135.1722651932
.m-r.pw/ Name: _ga_EDL2BRS35E
Value: GS1.1.1722651932.1.0.1722651932.0.0.0
.m-r.pw/ Name: __gads
Value: ID=aaf177d9cb310131:T=1722651933:RT=1722651933:S=ALNI_Mazbgtu5QvEVEbflA90zNLdY-K0OQ
.m-r.pw/ Name: __gpi
Value: UID=00000ec674524aca:T=1722651933:RT=1722651933:S=ALNI_Mbj9EShYtoyegTFnZIMCbOQYSfI_Q
.m-r.pw/ Name: __eoi
Value: ID=5c7d53c0db51b44a:T=1722651933:RT=1722651933:S=AA-AfjaUaDBHi-3Pa5OycfNttX9q
.doubleclick.net/ Name: IDE
Value: AHWqTUlV4Lp6YzmEIZf3VC3S3Xwt77WQzQwXcAqJUaQfS8e9UwAsYpndodhqcnqJHR8
.mediago.io/ Name: __mguid_
Value: 213bd2cbf822d364288ol000lzdihfk3
gtrace.mediago.io/ Name: cst_70
Value: ts=1722651934
.m-r.pw/ Name: FCNEC
Value: %5B%5B%22AKsRol8mQsSEqc-qu0doZzUODRZPfF83x1ETxeMfXHK6TwedHcqSfLXuRCIBtXEqGk8FtfDPNvu_zVFzrI7Ox3Iku5Z65ZwbGXOHc8T3K89PvDrs4I96g3bHjIBS9jvun_9Thj5cPWyl3jH8EMhqlb0WnSagYPWGgQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
m-r.pw
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.25.14
104.18.186.31
107.152.32.27
142.250.31.102
142.251.163.155
142.251.174.105
142.251.174.132
142.251.179.154
142.251.179.97
173.194.205.95
74.125.192.113
0c617285716b9f4a1eda3afcbccd1e6be053ef78677eecb50eefa06ccab03146
1e5ffa4e3225042baf1b844b576c0fd5dae1ad0130cbebf98cb5e4f29cbf2def
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
308c5ac6865fe2c0252c5abaed7b8055e542d4943b85b5b99823c994e4bbc11d
361bf85c74bc182c9d5e7f2a90731157c698e9b87f9a95c2668b15cb83d393a2
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
489d06a3de2eb8180fc321976b4129613139ca13a8a57154e829bc2eaab2ced2
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
53b70abc117de82792aa9ccd127c4ee911ff84e25be57c3cf39b6eb134d7eb02
5b5e816fb9ff694b6f1327105a3e7f202c84247a1140291f51af4666d9a2217a
5c08873605bd7cf608a0db6be6230a22139a8972c8c9ac8b5483853f45cfcfff
5d13f4066b32a384c03819375741d8781dc5c1dbd9f251bc7305cfc5f82893bd
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66830be1b44d61cd3d4bba46fb632e8447829c1f5141fe7e236aa059ebfa0f6b
682ba9c36ec8526c9923d750fa57d7f0c598cf2ce3c4002f9eed5b5fed27125e
68457def7fddce33b77325dfa05cfbf8ef16134df286ac6c5e57a1f9951157a2
686761cc3a93f247ede72b4a37060a89d65b6abdeb4e6d31685f2173e5d0ec7e
6d160b973ddc8fee20d7dc389fb2e9c7f6bca29ceb21547a66b16feb6ac22cad
707f4f083579671e2c56bc823e4e7b61c52a605e369a6c6c727985e138b2610f
7c5321d22ac644f57a7fa03d062443929d2f64c2e7a459f49a8f6dcf40382772
7feaf64d7dca902e9abe9bfb17c6d18556593bc9d6ef126198229dea4ecfa861
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
a853d363588d99ea883e9fa2f678f4a46690a54f4200925f3ffa8673481757b5
ad3ab4c622eed4d8f0e66077932dc3661a48e5685876436541b19751cd128ba1
b01ecc04e2c5027d7cb3a092746c92cb464832acdfd40d086666d219821d9904
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b30becffbd87d8966b21bc8374cb2442fdadd1ba533b9b6024e595301819aba5
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
c177a35fdbf2a1915f0eddf3e140224cfe73e9048a7ce4fd582d31984c63f51c
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c49650a9c9cc4df10356cd716c19fb54eba0bc90434999040c04f33299357d51
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
d8ccda79c0869303bbef93ef44992a313778b11e9cb918909644f6894782b125
dd329c644951f3c041200e8279e3c90063ac5b5c8861fe253fca48df7dd8b99c
df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7
dfbc04855b36a4f1602467e1a14ec1a9f974974cd1e94e604906635e263622de
e04f9ee8d10ee25525bfbb4c44f856853568bd39de59c7bc9a2da1683fee01c3
e0fce3625dfd8acefcfe29348bbe61c6fbcf3a1ff8f0a2dec60fbfa2ae3c1386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cbbbef44cfe8c91860cf403e010229b7f5ee6eb82b5b85ab106d3c08b488f0
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb62517b0ae8d527239d39363456e2ef08d7da045e01a98ef51229e8230a582a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e