urlscan.io logo urlscan.io
SecurityTrails logo

jiforo.com Open in urlscan Pro
199.59.243.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://today.empower-online.xyz/
Effective URL: https://jiforo.com/activate
Submission: On November 12 via manual from GM — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 199.59.243.225, located in United States and belongs to AMAZON-02, US. The main domain is jiforo.com.
TLS certificate: Issued by R3 on November 5th 2023. Valid for: 3 months.
This is the only time jiforo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 88.198.22.18 24940 (HETZNER-AS)
4 104.18.10.207 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
3 199.59.243.225 16509 (AMAZON-02)
1 7 216.58.212.164 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
6 142.250.186.67 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
33 9
5    88.198.22.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: rs6b.rcnoc.com
today.empower-online.xyz
4    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    199.59.243.225 (United States)

ASN16509 (AMAZON-02, US)
jiforo.com
7    216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f4.1e100.net
www.google.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
6    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
627 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
97 KB
5 empower-online.xyz
today.empower-online.xyz
85 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
71 KB
3 jiforo.com
jiforo.com
36 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
13 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
591 B
0 baidu.com Failed
hm.baidu.com Failed
0 supercounters.com Failed
widget.supercounters.com Failed
0 googleapis.com Failed
ajax.googleapis.com Failed
33 10
Domain Requested by
7 www.google.com 1 redirects jiforo.com
www.google.com
www.gstatic.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 today.empower-online.xyz today.empower-online.xyz
4 maxcdn.bootstrapcdn.com today.empower-online.xyz
3 jiforo.com today.empower-online.xyz
jiforo.com
2 cdnjs.cloudflare.com today.empower-online.xyz
1 fonts.gstatic.com www.google.com
1 partner.googleadservices.com www.google.com
0 hm.baidu.com Failed today.empower-online.xyz
0 widget.supercounters.com Failed today.empower-online.xyz
0 ajax.googleapis.com Failed today.empower-online.xyz
33 11

This site contains no links.

Subject Issuer Validity Valid
today.empower-online.xyz
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
jiforo.com
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://jiforo.com/activate
Frame ID: 2FABB343054FE00397807F3953D3A186
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Frame ID: F3FFDDD87EB7EF97BA46BFD79C153C52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Frame ID: AB5A24506A716485FDDF0E05C12EF1B8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: 26E39B4BE18FB938166F3341C7227F1A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jiforo.com

Page URL History Show full URLs

  1. https://today.empower-online.xyz/ Page URL
  2. https://today.empower-online.xyz/go.php Page URL
  3. https://jiforo.com/activate HTTP 307
    https://jiforo.com/activate Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

33
Requests

85 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

928 kB
Transfer

2334 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://today.empower-online.xyz/ Page URL
  2. https://today.empower-online.xyz/go.php Page URL
  3. https://jiforo.com/activate HTTP 307
    https://jiforo.com/activate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol323%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol495&client=dp-bodis30_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fjiforo.com%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2442788251544177&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300001%2C17301157&format=r3&nocache=6391699833428667&num=0&output=afd_ads&domain_name=jiforo.com&v=3&bsl=8&pac=1&u_his=3&u_tz=60&dt=1699833428669&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fjiforo.com%2Factivate HTTP 302
  • https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
today.empower-online.xyz/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
7584
content-type
text/html
date
Sun, 12 Nov 2023 23:57:06 GMT
last-modified
Wed, 17 May 2023 22:14:15 GMT
server
LiteSpeed
vary
Accept-Encoding
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
225979
cdn-cachedat
10/31/2023 19:00:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"7cc40c199d128af6b01e74a28c5900b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5a488331e197fd944a8b82a7bed314d9
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8252b722d8c470d4-ARN
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		0
0
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
320023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE3Zteyj36%2BsGnoqQMnclxw0MQzs5QGIIK9TAk54Dgqr4INODJvERVdnSN4o3zONj%2BDXROKVfL4j%2FH6ValS6O7CV%2BE4atK9b8a9i5rR1gA4PQzZtePG0zIxJpjsBK%2BiZSN5qvS60"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8252b722d82d0a2d-ARN
expires
Fri, 01 Nov 2024 23:57:06 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863, 845
age
18472571
cdn-cachedat
2022-02-23 12:47:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5e4abcf7bfccf03924001516b8ed2976
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8252b722d8c770d4-ARN
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
4742784
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8252b722d8c570d4-ARN
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		0
0
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617, 617, 617, 617, 617, 617, 617
age
232465
cdn-cachedat
2021-06-08 14:35:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b078a1e046f360931b46757d100ff8d1
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
8252b722d8c670d4-ARN
cdn-requestpullsuccess
True
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
408320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx27e2jJvF5yJPNqYS1D9wmoQNyckzu7%2BJ75uOUB4FSkzmj15dKk92h%2F8xzWLs%2FjyqLDVTQ9YGUDq7xsOrTviC7YcuW%2F3eIdkSz4k%2BjwkAdMqZldixXVGPv1eMuivxR4F0DrCmLM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8252b722d82c0a2d-ARN
expires
Fri, 01 Nov 2024 23:57:06 GMT
pyes1.png
today.empower-online.xyz/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://today.empower-online.xyz/pyes1.png
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
last-modified
Sat, 02 Apr 2022 23:26:56 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7046
expires
Sun, 19 Nov 2023 23:57:06 GMT
p.jpg
today.empower-online.xyz/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://today.empower-online.xyz/p.jpg
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
last-modified
Sat, 02 Apr 2022 23:26:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18693
expires
Sun, 19 Nov 2023 23:57:06 GMT
pyes2.png
today.empower-online.xyz/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://today.empower-online.xyz/pyes2.png
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://today.empower-online.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:06 GMT
last-modified
Sat, 02 Apr 2022 23:26:56 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
52880
expires
Sun, 19 Nov 2023 23:57:06 GMT
rxz.png
today.empower-online.xyz/ 		0
0
online_i.js
widget.supercounters.com/ssl/ 		0
0
go.php
today.empower-online.xyz/ 		614 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://today.empower-online.xyz/go.php
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
rs6b.rcnoc.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://today.empower-online.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-encoding
br
content-length
292
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 23:57:06 GMT
server
LiteSpeed
vary
Accept-Encoding
hm.js
hm.baidu.com/ 		0
0
Primary Request activate
jiforo.com/
Redirect Chain
  • https://jiforo.com/activate
  • https://jiforo.com/activate
1021 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jiforo.com/activate
Requested by
Host: today.empower-online.xyz
URL: https://today.empower-online.xyz/go.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
23144f45fd971104bff66f197e90b885db0065ecd5ddab91c22ff4eec191d597

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Accept-Ch
sec-ch-prefers-color-scheme
Cache-Control
no-store, max-age=0
Connection
close
Content-Length
1021
Content-Type
text/html; charset=utf-8
Critical-Ch
sec-ch-prefers-color-scheme
Date
Sun, 12 Nov 2023 23:57:06 GMT
Vary
sec-ch-prefers-color-scheme
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_QpieBS/wwIOtgErFlso55F6FqaMySrFgiCutzTt8sgr+qpogmsMtmxb5PlVwdYqGrprHJ3FM8rfYdltB+A1uuA==
X-Request-Id
2fb137bc-e1c6-499a-b3c9-234af73d9c8a

Redirect headers

Location
https://jiforo.com/activate
bMiDqoRCN.js
jiforo.com/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jiforo.com/bMiDqoRCN.js
Requested by
Host: jiforo.com
URL: https://jiforo.com/activate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1e5dad69bb61e210766d45af00d8c93b9329ee45fcd4c3b6c08d3515c97929b7

Request headers

Referer
https://jiforo.com/activate
accept-language
se-SE,se;q=0.9
sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 23:57:07 GMT
Connection
close
Content-Length
31971
X-Request-Id
6e28fe0c-3f64-44a5-b9aa-059a5450a636
Content-Type
application/javascript; charset=utf-8
_fd
jiforo.com/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jiforo.com/_fd
Requested by
Host: jiforo.com
URL: https://jiforo.com/bMiDqoRCN.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e2bb5c08c041d2294fd4642d4e96510f8a9ea5c1a19cd647c2a9fdc4021e41b2

Request headers

Accept
application/json
Referer
https://jiforo.com/activate
accept-language
se-SE,se;q=0.9
sec-ch-prefers-color-scheme
light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.110.3
Date
Sun, 12 Nov 2023 23:57:08 GMT
Content-Encoding
gzip
Pragma
no-cache
Server
openresty
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2360
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: jiforo.com
URL: https://jiforo.com/bMiDqoRCN.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
sffe /
Resource Hash
7963e1ba3ef5928d76e3c63ab1830fe107bb4b7a91c5c6425a209c964536e0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://jiforo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"17281640601682419209"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Sun, 12 Nov 2023 23:57:08 GMT
cookie.js
partner.googleadservices.com/gampad/ 		374 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=jiforo.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38d6232f42249d498a54a031ba73df01633bc261836446ae132f3519557acccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://jiforo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
240
x-xss-protection
0
index
www.google.com/sorry/ Frame F3FF
Redirect Chain
  • https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol323%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol495&cli...
  • https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis...
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
HTTP server (unknown) /
Resource Hash
eaba96f37d559f15ca29f37fad97ea9e70597d175ffae9f851370c55ee174485
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://jiforo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
5427
content-type
text/html
date
Sun, 12 Nov 2023 23:57:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1232
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-b1YyZARLbQOpgNgHOnjesA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sun, 12 Nov 2023 23:57:09 GMT
location
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-hallmonitor-challenge
CgsI1czFqgYQ5tyACxIEuZPVuw
x-xss-protection
0
api.js
www.google.com/recaptcha/ Frame F3FF 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
GSE /
Resource Hash
e42ff12ff7d3e1dd17052f38f42b2b90abbf317e7ebbdd8d2dc253d7798ab2e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 23:57:09 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame F3FF 		466 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 10:47:50 GMT
anchor
www.google.com/recaptcha/api2/ Frame AB5A 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
GSE /
Resource Hash
fed87b6f76650fd15e6d5e92a7370cbccfd1c34a12e5c50dc8f79a7af2174def
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9aZp85I_saFRtbkMNboNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9aZp85I_saFRtbkMNboNzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 23:57:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AB5A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 07:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 07:32:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AB5A 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 10:47:50 GMT
truncated
/ Frame AB5A 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB5A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AB5A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options
nosniff
age
290504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 16 Nov 2023 15:15:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AB5A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
62819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 06:30:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AB5A 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
GSE /
Resource Hash
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&s=yjps3cL2TEaH_aA5ZDhzaSXcHNoQPBDJ-HacJNLhvzibQY3isdrjDXRbcryhKcCFg5_d5VLToT2t9ttQdiIe2LwPe2O9WALd9sX3jyefVjlHXdQ_1zVhMpcqnkZlrImRyFnnbz_mKDFXjwInm9URT1XsjVWkYHpvJBaGKZf5Va9zF4FOzqTBKwr-oBhrOCrzVQ1uH1GwpL-YL3V9yzr6O0Ii75DPS92NBbx7NpKxOmIKl1ytI0TXMVNHP5Rwi2ntuQLcSL6D5_Yqjg0k7d0xCGIeWGBXtUI&cb=klfigc72d8rc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 23:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 23:57:10 GMT
bframe
www.google.com/recaptcha/api2/ Frame 26E3 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
GSE /
Resource Hash
d0cb23debccab1b02d4af01f8f7ffe7b308eb82c0ad6727ed85eaa7cf900fa53
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TI3I807OmIw9TfHwO9Bymg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TI3I807OmIw9TfHwO9Bymg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 23:57:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 26E3 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 07:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 07:32:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 26E3 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 10:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 10:47:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Domain
today.empower-online.xyz
URL
https://today.empower-online.xyz/rxz.png
Domain
widget.supercounters.com
URL
https://widget.supercounters.com/ssl/online_i.js
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture string| park object| version object| __parkour number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_

2 Cookies

Domain/Path Name / Value
jiforo.com/ Name: parking_session
Value: 86eece48-9ac8-46b2-b179-a129e5acc3ea
.jiforo.com/ Name: __gsas
Value: ID=ea5b4d706bfac9e7:T=1699833428:RT=1699833428:S=ALNI_MbndSm-o30ZudIsTKXfcOX60AjWNg

2 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/domains/caf.js(Line 213)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol47%252Cpid-bodis-gcontrol323%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol495%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttps%253A%252F%252Fjiforo.com%253Fcaf%2526%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2442788251544177%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300001%252C17301157%26format%3Dr3%26nocache%3D6391699833428667%26num%3D0%26output%3Dafd_ads%26domain_name%3Djiforo.com%26v%3D3%26bsl%3D8%26pac%3D1%26u_his%3D3%26u_tz%3D60%26dt%3D1699833428669%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1600%26psh%3D1080%26frm%3D0%26cl%3D579967862%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D579967862%26rurl%3Dhttps%253A%252F%252Fjiforo.com%252Factivate&hl=en&q=EgS5k9W7GNTMxaoGIjB36CHmGgWq5DPpY-HmJ8KcR6aG-QGWpoDl4hJO6Ao5PUyhfBUzX1BXzFhKrBZuuzcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.gstatic.com
hm.baidu.com
jiforo.com
maxcdn.bootstrapcdn.com
partner.googleadservices.com
today.empower-online.xyz
widget.supercounters.com
www.google.com
www.gstatic.com
ajax.googleapis.com
hm.baidu.com
today.empower-online.xyz
widget.supercounters.com
104.17.25.14
104.18.10.207
142.250.185.67
142.250.186.162
142.250.186.67
199.59.243.225
216.58.212.164
88.198.22.18
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e5dad69bb61e210766d45af00d8c93b9329ee45fcd4c3b6c08d3515c97929b7
23144f45fd971104bff66f197e90b885db0065ecd5ddab91c22ff4eec191d597
38d6232f42249d498a54a031ba73df01633bc261836446ae132f3519557acccf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7963e1ba3ef5928d76e3c63ab1830fe107bb4b7a91c5c6425a209c964536e0df
d0cb23debccab1b02d4af01f8f7ffe7b308eb82c0ad6727ed85eaa7cf900fa53
e2bb5c08c041d2294fd4642d4e96510f8a9ea5c1a19cd647c2a9fdc4021e41b2
e42ff12ff7d3e1dd17052f38f42b2b90abbf317e7ebbdd8d2dc253d7798ab2e4
eaba96f37d559f15ca29f37fad97ea9e70597d175ffae9f851370c55ee174485
fed87b6f76650fd15e6d5e92a7370cbccfd1c34a12e5c50dc8f79a7af2174def