urlscan.io logo urlscan.io
SecurityTrails logo

48wfq.monteux.top Open in urlscan Pro
5.101.50.58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lx2.in/13421
Effective URL: http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_s...
Submission: On May 16 via manual from IN — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 5.101.50.58, located in St Petersburg, Russian Federation and belongs to SELECTEL, RU. The main domain is 48wfq.monteux.top.
This is the only time 48wfq.monteux.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    185.199.220.72 (United Kingdom)

ASN12488 (KRYSTAL, GB)
PTR: toba-lon.cloudhosting.uk
lx2.in
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2606:4700:3030::ac43:b179 (United States)

ASN13335 (CLOUDFLARENET, US)
v53.uk
1    5.101.50.58 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
48wfq.monteux.top
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a06:98c1:3121::3 (None, )

ASN- ()
bestonlineres.com
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
www.google.com — Cisco Umbrella Rank: 2
70 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
318 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
34 KB
3 lx2.in
lx2.in
3 KB
2 bestonlineres.com
bestonlineres.com
2 KB
1 monteux.top
48wfq.monteux.top
554 B
1 v53.uk
v53.uk
594 B
32 8
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
5 pagead2.googlesyndication.com lx2.in
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 maxcdn.bootstrapcdn.com lx2.in
3 lx2.in lx2.in
2 bestonlineres.com 48wfq.monteux.top
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 48wfq.monteux.top
1 v53.uk 1 redirects
32 10

This site contains no links.

Subject Issuer Validity Valid
c.lx2.in
R3		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
bestonlineres.com
E1		 2024-04-06 -
2024-07-05		 3 months crt.sh

This page contains 6 frames:

Frame: https://bestonlineres.com/?a=1nrK&c=d
Frame ID: 9FDBC75895929F0A8AB5634DF8B043BF
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: ECFBEB506F18304C5E322C57378C2AD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160062110251030&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1715891728&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Flx2.in%2F13421&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1715891728771&bpp=3&bdt=273&idt=181&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2029813703140&frm=20&pv=2&ga_vid=192279254.1715891729&ga_sid=1715891729&ga_hid=1775070958&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083586%2C31083639%2C95331688%2C95331982%2C31083764%2C95331712%2C95332415%2C31078668&oid=2&pvsid=583926903848296&tmod=1987527471&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: 594C5909529B9743194F432B13A3F97D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 0EDE2F1F74AD26155961CB4EEF997612
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A32AA568EC65597D806D3C739DFD1409
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6FFD25C759BAE293CD2639695EB8AEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://lx2.in/13421 Page URL
  2. https://v53.uk/s/r/?tscr=8&url=http%3A%2F%2F48wfq.monteux.top%2Fmainfeed%3Futm_campaign%3Dd... HTTP 302
    http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=sugg... HTTP 307
    https://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=sugg... HTTP 307
    http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=sugg... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

32
Requests

94 %
HTTPS

80 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

429 kB
Transfer

1302 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lx2.in/13421 Page URL
  2. https://v53.uk/s/r/?tscr=8&url=http%3A%2F%2F48wfq.monteux.top%2Fmainfeed%3Futm_campaign%3Ddigest_email%26target_user_id%3D16014965%26click_source%3Dsuggested_user_cta%26utm_source%3Dinstagram%26utm_medium%3Demail HTTP 302
    http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email HTTP 307
    https://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email HTTP 307
    http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
13421
lx2.in/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lx2.in/13421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.220.72 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS
toba-lon.cloudhosting.uk
Software
LiteSpeed /
Resource Hash
71f7f4aff1c040a5b07ded55d679339eab67d3bc174e69c7d83d11e3761b0e51

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
999
content-type
text/html
date
Thu, 16 May 2024 20:35:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lx2.in
URL: https://lx2.in/13421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0194d9baede7979168fe055687d8089bdc64c694631726c88e223e16caebde36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51927
x-xss-protection
0
server
cafe
etag
17488982752073885725
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 16 May 2024 20:35:28 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: lx2.in
URL: https://lx2.in/13421
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1073
age
4813920
cdn-cachedat
02/08/2024 22:59:39
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3b55acb193eb444463e6edc8326038ee
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
884e2787ded29559-LHR
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: lx2.in
URL: https://lx2.in/13421
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1070
age
5109619
cdn-cachedat
10/31/2023 19:00:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ab6b02efeaf178e0247b9504051472fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9e74806185d66339835e4d4684d9d136
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
884e2787ded09559-LHR
cdn-requestpullsuccess
True
styles.css
lx2.in/ 		2 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lx2.in/styles.css
Requested by
Host: lx2.in
URL: https://lx2.in/13421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.220.72 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS
toba-lon.cloudhosting.uk
Software
LiteSpeed /
Resource Hash
d3ccd37fe4593ed00698a5a925b251f225e83723e5f963b332eba648a8f04d3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/13421
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
content-encoding
br
server
LiteSpeed
content-length
833
vary
Accept-Encoding,User-Agent
content-type
text/html
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: lx2.in
URL: https://lx2.in/13421
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1029
age
4644362
cdn-cachedat
10/31/2023 19:19:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
961c2b7b2d788121b27e125e4b8e1833
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
884e2787ded39559-LHR
cdn-requestpullsuccess
True
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ef980d6d6ba258b1cc9d55d464646877c42c5a69bbb8cb73e438c68fec07ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143541
x-xss-protection
0
server
cafe
etag
8320247970058041124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 May 2024 20:35:28 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/ Frame ECFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
32149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 11:39:40 GMT
etag
5035419970550746386
expires
Thu, 30 May 2024 11:39:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 594C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160062110251030&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1715891728&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Flx2.in%2F13421&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1715891728771&bpp=3&bdt=273&idt=181&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2029813703140&frm=20&pv=2&ga_vid=192279254.1715891729&ga_sid=1715891729&ga_hid=1775070958&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083586%2C31083639%2C95331688%2C95331982%2C31083764%2C95331712%2C95332415%2C31078668&oid=2&pvsid=583926903848296&tmod=1987527471&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24077
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 20:35:29 GMT
expires
Thu, 16 May 2024 20:35:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/reactive_library_fy2021.js?bust=31083764
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ab77bc1551edfb8d0d84a5a1791750736331ec5530b1ef7159e418779e3e206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57669
x-xss-protection
0
server
cafe
etag
940332222645978463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 May 2024 20:35:29 GMT
ca-pub-4160062110251030
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4160062110251030?href=https%3A%2F%2Flx2.in%2F13421&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
057c19f3263f632a87aa68383fa56d93326e1572a284427b8ba1a32d995811db
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gtje1uRTdLjC2QlzNiSm8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gtje1uRTdLjC2QlzNiSm8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxOWOF1nrgViIm2PSnZmb2AQObNovpqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGpoomdgEF9gAABw0EXs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUJNtGjT0ZOrIfuUIOC79NPY8qOq46C62nUFC2EIMhfDz460wwLDnP0WqVw4TmWmlg9He3CFrNziKglZQ9Ov4RkUa-dDi2FMIkgbD9uvEdSx6196OIBmlV0u0Rh6_3pNyoSUWpqkg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUJNtGjT0ZOrIfuUIOC79NPY8qOq46C62nUFC2EIMhfDz460wwLDnP0WqVw4TmWmlg9He3CFrNziKglZQ9Ov4RkUa-dDi2FMIkgbD9uvEdSx6196OIBmlV0u0Rh6_3pNyoSUWpqkg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1ODkxNzMwLDE2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9seDIuaW4vMTM0MjEiLG51bGwsW1s4LCJQbkRYZFpiajdwNCJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f58dfaa25c6b26732038a9fe1ba50802b05542504b73b6b094ddc00a4b6d0d14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HlafsOXFYqkbMejmtfw2sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-HlafsOXFYqkbMejmtfw2sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxELcHJPuzNzEJnDg_slEJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0MTPQOD-AIDAE_-Q0g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/ Frame 0EDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
32149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 11:39:40 GMT
etag
5035419970550746386
expires
Thu, 30 May 2024 11:39:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxW3gT8UO_RU8FcTLAYv35UvXPVHrthide9jG3Bw5shMGwRXbgOrqAJ7dD_Vfbc314Rx2u_owbSyCMsDZvdZDnwbEJsSVUjJeiqZZCCyOPB0HDsXUG7kAtrQMZUvq_T1NPuGNIgn9A==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW3gT8UO_RU8FcTLAYv35UvXPVHrthide9jG3Bw5shMGwRXbgOrqAJ7dD_Vfbc314Rx2u_owbSyCMsDZvdZDnwbEJsSVUjJeiqZZCCyOPB0HDsXUG7kAtrQMZUvq_T1NPuGNIgn9A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1ODkxNzMwLDI1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbHgyLmluLzEzNDIxIixudWxsLFtbOCwiUG5EWGRaYmo3cDQiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f10c429f5ac23c6e5835908a932c08270e404f500c3042f79659cac9e8609fe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nHq7MrGzD5vXwlYNP95y6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nHq7MrGzD5vXwlYNP95y6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxEI8HJPuzNzEJrBg6eapjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGJnoGBvEFBgB6u0MP"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240513&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12641
x-xss-protection
0
Primary Request mainfeed
48wfq.monteux.top/
Redirect Chain
  • https://v53.uk/s/r/?tscr=8&url=http%3A%2F%2F48wfq.monteux.top%2Fmainfeed%3Futm_campaign%3Ddigest_email%26target_user_id%3D16014965%26click_source%3Dsuggested_user_cta%26utm_source%3Dinstagram%26utm...
  • http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
  • https://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
  • http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
318 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
Protocol
HTTP/1.1
Server
5.101.50.58 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/13421
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Connection
close
Content-Encoding
gzip
Content-Length
214
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 May 2024 20:35:32 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Location
http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
lx2.in/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lx2.in/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.199.220.72 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS
toba-lon.cloudhosting.uk
Software
LiteSpeed /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/13421
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 20:35:30 GMT
server
LiteSpeed
vary
User-Agent
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1163
side-
fundingchoicesmessages.google.com/f/AGSKWxUB4CFplHt9zhoVvchkmBQ0WtnXW8qWBTDJlkXVgSV90LdGKZRfTifExlKJ1GbB77lupHZqXrY-ddw-UAqA2LZL9QtaEO_K7_-9hMr4XRFaHMWZdXu077Fyi6cvaMXbToG3ePgBJwKHpPLlJ-BJ82jSA9jcI... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUB4CFplHt9zhoVvchkmBQ0WtnXW8qWBTDJlkXVgSV90LdGKZRfTifExlKJ1GbB77lupHZqXrY-ddw-UAqA2LZL9QtaEO_K7_-9hMr4XRFaHMWZdXu077Fyi6cvaMXbToG3ePgBJwKHpPLlJ-BJ82jSA9jcIZ_4osO6l_BS3JubwwL9X6dJw00FYINg/_/ad/multfusion./ad-image./wahoha./728_90n./ads/side-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw3WtttH5c8BJCaRMxeL5_z4EwJpg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TPCqFHKp3w6ZHFR_JCUf7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-TPCqFHKp3w6ZHFR_JCUf7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxEI8HJPuzNzEJnDg6KJbzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGJnoGBvEFBgCT9EOL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw3WtttH5c8BJCaRMxeL5_z4EwJpg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52445
x-xss-protection
0
server
cafe
etag
861105802204692990
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 16 May 2024 20:35:30 GMT
AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UJBSi5XHWgZxb0SJ939dQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-UJBSi5XHWgZxb0SJ939dQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBicEqfwRoCxELcHJPvzNzEJvCid7G7kktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU01TMwjy8wAACE9CH-"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://lx2.in
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gdx06odMGAXBeyw87X6ogw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gdx06odMGAXBeyw87X6ogw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0gDi9BmsIUAsxM0x-c7MTWwCE65-9lByScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgamhqZ6BubxBQYAlzIiQA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://lx2.in
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ze9LNSKmGpQFfaPAUlYO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-ze9LNSKmGpQFfaPAUlYO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0JBicEqfwRoCxELcHJPvzNzEJvDj9HkPJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGpoqmdgHl9gAACniiJ4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://lx2.in
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wwuUBFEUTdPiaxtonVFMbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-wwuUBFEUTdPiaxtonVFMbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxELcHJPvzNzEJnDh2nZ3JZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGpoqmdgHl9gAACbDiJK"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lx2.in
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWH8fxgtOsNah5tw6GiuBRvsFk32MPqCCPgaDMM5c_n0v5Neb9LDnLEYJpJpgkkoQQQhaj2y26aqi9Amth_0ydDkZa4ADq55uNlYCGBfTi-t-DoIQjsIbeCJpbYYlPN_iXscm1XWQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWH8fxgtOsNah5tw6GiuBRvsFk32MPqCCPgaDMM5c_n0v5Neb9LDnLEYJpJpgkkoQQQhaj2y26aqi9Amth_0ydDkZa4ADq55uNlYCGBfTi-t-DoIQjsIbeCJpbYYlPN_iXscm1XWQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1ODkxNzMxLDQ0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2x4Mi5pbi8xMzQyMSIsbnVsbCxbWzgsIlBuRFhkWmJqN3A0Il0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SMI75RkkzDsb2A1vzN5C9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-SMI75RkkzDsb2A1vzN5C9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxELcHJPvzNzEJvDi9Gx1JY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0MTPQOD-AIDAEerQv4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 May 2024 20:35:31 GMT
AGSKWxWvYTAVqOKnZuhApJH-RJVAJqFwgx2ekx67MT4Cpc6bWBNaikJ1jiqv3OIcFjf6i-_-LrrApl3cgDOyNh2jqcSLwD_Muy20ERq71LfLyTLZc9IdkiHtZmBcSNy1N08K44XCFaD_Dg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWvYTAVqOKnZuhApJH-RJVAJqFwgx2ekx67MT4Cpc6bWBNaikJ1jiqv3OIcFjf6i-_-LrrApl3cgDOyNh2jqcSLwD_Muy20ERq71LfLyTLZc9IdkiHtZmBcSNy1N08K44XCFaD_Dg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jMUtMG1mUHgHhLmekYX_3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jMUtMG1mUHgHhLmekYX_3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBicEqfwRoCxELcHJPvzNzEJvBh6zd3JZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGpoqmdgHl9gAACwsiKT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lx2.in
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWWieacsXQcxz7hxyxzdzpZ-tCfdAVxNLtP3slBs7Xh8DByJvk-6qEOlFNMvVMWy7PxCCZ69Ace2RBx7HA7U2M02n76XMOUtOYFHuDFTi7QzigAhIX_oFc7uGRYhlrsGhOPhPSdNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMx_3xo3keXKSuvK4djmgRgosC23tw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_sRAhJTFG_Qq9NigdJjL9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lx2.in/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 May 2024 20:35:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-_sRAhJTFG_Qq9NigdJjL9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBicEqfwRoCxELcHJPvzNzEJrBh6ns3JZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGpoqmdgHl9gAACMJSIZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://lx2.in
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A32A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
25606
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 13:28:45 GMT
expires
Fri, 16 May 2025 13:28:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D6FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JPZFd1RoGZ9VB0SBJliBaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://lx2.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JPZFd1RoGZ9VB0SBJliBaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 20:35:31 GMT
expires
Thu, 16 May 2024 20:35:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
/
bestonlineres.com/ 		0
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bestonlineres.com/?a=1nrK&c=d
Requested by
Host: 48wfq.monteux.top
URL: http://48wfq.monteux.top/mainfeed?utm_campaign=digest_email&target_user_id=16014965&click_source=suggested_user_cta&utm_source=instagram&utm_medium=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
http://48wfq.monteux.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
884e27a1fc86dc9f-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2024 20:35:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vowNYDefHVAo5mMfHcSqruaB%2F3%2FxfjpMfZls7ieGNJ9i0Dmb2pWLxpjm3xKpFw%2BWdduiRy1cmhM8KRS3hrc2ruIJ3hJX4d7IvVduOi6%2BCgHMHGxfa3ea1eVI8tjVE181oDI%2BezUlN5NKUL9inyNAmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
bestonlineres.com/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bestonlineres.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bestonlineres.com/?a=1nrK&c=d
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:35:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 14 Aug 2023 10:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYnzyhL2bASY4EXZgE7raGKlhUZuL%2BI6DrDtyyRIMj3reMRgOIL4bJGbz7AdKOrN1MRKxjd3adM6rdfZbjcdFkxfuXzicL5fZSdPqx%2Bfe4vcBADj9DwVGy6yiqgqTFSH%2BUmOA3LMRpwQHWeio8hpVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
884e27a2dd9bdc9f-LHR
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240513&jk=583926903848296&bg=!AQKlAk3NAAav94VWj_c7ADQBe5WfOKXaCA0HPLLnKgj0UGEDt1vYbRbfkR7HNOp5kz9uo3eT5C0LmCk6q9_TUwdsc7bXAgAAAFNSAAAADWgBB34ANtn4G55N5MigAz_1_BMpJRd87lCWR_nHOXoxdm-Ygc-ml9B4DhmxJmZdUr4mM8L48sopoBvRYAoAasnEWrCTffq5cKCCW1jpNGOcJQyJOQvlDbFE04Pg2QEQZnVFEQ2rP3sRC0DHkatKits7lxT4z4qWLc0VQYQs9TSuIz6NozeLOGmEREtuxDWIfgl4-L3AL_znKcw8VctcA9BgrzYNLyX7RwGZApTmNmoHNeiEhG91ar-GtJrxRMIeDOr-KBQLCqAuYJrwQxJ0ONkchuP61vY14lyzlWwnTDX-1tjQZ1AHo4JvgPSt_UvIcK5FGf5R0IX_G6WS4Y4c6wDzMK0c3dp5XaM2YpvasvyHVJNKdTTMQdEzRhu4FhYOl2ZE2C8olI-WyNCi_PECXJXbWpfQ00UwBLdNvxMJ5vo75c9MJfTVEatbKHFojI38i129XIGyyTM22RvmEfZCaMdL-5DlL-IC3ZQO4fNbbRLcmIdG9pr7s8AQrg7L-5GIJNtsQMx4uQRMaDtql0vc0zXIoFYP3PlcNsyzUzVk2buBB2OpSmqPX25_cXx1899EZeVSFscF3fPrQ75ouQocJtS0f0Vs723vKWF3PuiyiR67A03NQKDMgRNMIRQJhgUbiGhTiB90ZhmAw6Dri6Dny1JM8DSuBEjZfO-pE4r9T7wjrrkoj5UjZyx4Gqd3PNlPsBFXmwRmOLPm3zMbPzsU_7YPwrfDxTLg_fyTmW2szyaLjmHIiC5FWeMDaZfdusIn7axFcJdBZtcqeCKICT8MDlcVVomq70IjW-XrACA8onHihcRdyReaRlQdE42jNszJCpD28pzIVXN8EpflpoYmliXjZq2k3HCIa4EP9HLhEky2HZB971kLWyF4uA8AcN-BQCPzdhx4d2RCaVsDallbEhfUeP1XVLbIdexS6oZE6Ev_lskCymrrDrD1_BLHRtqFHkfa240WqDDe1TtX5jtIdwKpFgCQQJHA6WesTr-cyKmSTF2L2ffHJ2adOd1E5kKq396N7fZidFBjDOtE3Hm4781eFjOG2dWWlFdsXCJWmKk_wSa65-eMC5dyX1P0cl9rwraJdzU1dtQ5O-hg5L7slPs

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.lx2.in/ Name: __gads
Value: ID=6e6a9a801d432d94:T=1715891729:RT=1715891729:S=ALNI_MahbM2Jf5vVVAUCUcztBUQKOgeUjg
.lx2.in/ Name: __gpi
Value: UID=00000e21a8ef69c5:T=1715891729:RT=1715891729:S=ALNI_MZnnZJqUfxdxvIfjW3F_50kfIWKXQ
.lx2.in/ Name: __eoi
Value: ID=ea36cb4abc38bed9:T=1715891729:RT=1715891729:S=AA-AfjY60ROUjp0IuNs3BcKlhcjz
.doubleclick.net/ Name: IDE
Value: AHWqTUmPfvpyVYlgjh28YWbRH0uULGDwBJixyOZdekSg-Jn0lBDB6Zhumun9-xGU_fg
.lx2.in/ Name: FCNEC
Value: %5B%5B%22AKsRol90kNxapQWGTKyDVKlgacJQ2Cs7MT_PsgHux4d19qKyxrk1ahwa25mEUU4cZFq3gtaikP2VJCMYG_RPzpK0E_tCW6uRAXLiZaWIaCk1hOmeJVpQLhuhigY1piwVYEh5JjCUwhaYsHjAPDRJu3ASI3juC1UeQA%3D%3D%22%5D%5D
48wfq.monteux.top/ Name: zcknrt_mainfeed
Value: 0

6 Console Messages

Source Level URL
Text
other warning URL: https://lx2.in/13421
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://lx2.in/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://lx2.in/13421
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lx2.in/13421
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lx2.in/13421
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bestonlineres.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()