urlscan.io logo urlscan.io
SecurityTrails logo

harldan.s3-website-us-east-1.amazonaws.com Open in urlscan Pro
16.182.70.253  Public Scan

Go To Rescan Add Verdict Report
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Submission: On April 19 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 6 domains to perform 30 HTTP transactions. The main IP is 16.182.70.253, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is harldan.s3-website-us-east-1.amazonaws.com.
This is the only time harldan.s3-website-us-east-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    16.182.70.253 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-website-us-east-1.amazonaws.com
harldan.s3-website-us-east-1.amazonaws.com
5    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
pagead2.googlesyndication.com
2    18.154.227.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-111.iad55.r.cloudfront.net
wow.zamimg.com
1    2607:f8b0:4004:c19::5d (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads.g.doubleclick.net
3    2607:f8b0:4004:c06::64 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net
tpc.googlesyndication.com
1    142.251.163.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net
www.google.com
8    172.253.115.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f102.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
www.google.com — Cisco Umbrella Rank: 2
70 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
265 KB
4 amazonaws.com
harldan.s3-website-us-east-1.amazonaws.com
167 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
2 zamimg.com
wow.zamimg.com — Cisco Umbrella Rank: 96164
102 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 66
30 6
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
5 pagead2.googlesyndication.com harldan.s3-website-us-east-1.amazonaws.com
pagead2.googlesyndication.com
4 harldan.s3-website-us-east-1.amazonaws.com harldan.s3-website-us-east-1.amazonaws.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 wow.zamimg.com harldan.s3-website-us-east-1.amazonaws.com
wow.zamimg.com
1 www.google.com tpc.googlesyndication.com
1 www.youtube.com harldan.s3-website-us-east-1.amazonaws.com
30 8

This site contains links to these domains. Also see Links.

Domain
discord.gg
docs.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.zamimg.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://harldan.s3-website-us-east-1.amazonaws.com/
Frame ID: 6559F8B6995BC69E7FB070FCA1B91311
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2KrQHVb0BiU
Frame ID: ECF031E14882DE0F58BDC3DFFD7F3765
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7883128283586608&output=html&adk=1812271804&adf=3025194257&lmt=1696514468&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fharldan.s3-website-us-east-1.amazonaws.com%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1713563616669&bpp=15&bdt=295&idt=393&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1595789344328&frm=20&pv=2&ga_vid=363149393.1713563617&ga_sid=1713563617&ga_hid=1868391118&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331023%2C31082770%2C44795922%2C31082890%2C21065724&oid=2&pvsid=4362631844461235&tmod=2062025333&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=414
Frame ID: AADBE1415E1DD119A9402F4575038CA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7883128283586608&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696514468&rafmt=1&to=qs&pwprc=7799982364&format=1200x280&url=http%3A%2F%2Fharldan.s3-website-us-east-1.amazonaws.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1713563616684&bpp=2&bdt=310&idt=419&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=1595789344328&frm=20&pv=1&ga_vid=363149393.1713563617&ga_sid=1713563617&ga_hid=1868391118&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331023%2C31082770%2C44795922%2C31082890%2C21065724&oid=2&pvsid=4362631844461235&tmod=2062025333&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=422
Frame ID: A85E063F8B854E429B4DE73C67BB071C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240417/r20110914/zrt_lookup_fy2021.html
Frame ID: 66B24D6400D1FBF5B7327E3F57F0F048
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D134928BAB351F5EAAA904F697A0AED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CB520589B637C76776028B9FCC4DF6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Harldan's Guides

Page URL History Show full URLs

  1. http://harldan.s3-website-us-east-1.amazonaws.com/ HTTP 307
    https://harldan.s3-website-us-east-1.amazonaws.com/ HTTP 307
    http://harldan.s3-website-us-east-1.amazonaws.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

30
Requests

83 %
HTTPS

30 %
IPv6

6
Domains

8
Subdomains

11
IPs

1
Countries

604 kB
Transfer

1953 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://harldan.s3-website-us-east-1.amazonaws.com/ HTTP 307
    https://harldan.s3-website-us-east-1.amazonaws.com/ HTTP 307
    http://harldan.s3-website-us-east-1.amazonaws.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
harldan.s3-website-us-east-1.amazonaws.com/
Redirect Chain
  • http://harldan.s3-website-us-east-1.amazonaws.com/
  • https://harldan.s3-website-us-east-1.amazonaws.com/
  • http://harldan.s3-website-us-east-1.amazonaws.com/
76 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Server
16.182.70.253 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
729f5313bef3de4d9b183716ddd7121de41e5f731163b31bf7289518d06f1db6

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
77579
Content-Type
text/html
Date
Fri, 19 Apr 2024 21:53:37 GMT
ETag
"46b98e8a1e0a0a5a789c040e42b491c5"
Last-Modified
Thu, 05 Oct 2023 14:01:08 GMT
Server
AmazonS3
x-amz-id-2
ogT1xzPvu/p+l3CJF1ZAmGnM6ofVnvZXq0zKj3VcONAbt7LD8CWmNpO4KgHoQrsABW60vv+x84o=
x-amz-request-id
F6KVC90TN63YFJ1N

Redirect headers

Location
http://harldan.s3-website-us-east-1.amazonaws.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
harldan.s3-website-us-east-1.amazonaws.com/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://harldan.s3-website-us-east-1.amazonaws.com/style.css
Requested by
Host: harldan.s3-website-us-east-1.amazonaws.com
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Server
16.182.70.253 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a72fc165491d2e43012eb4e72668f91676122664de29aff6fc06d41ee7b7fe6f

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 19 Apr 2024 21:53:37 GMT
Last-Modified
Sun, 26 Feb 2023 15:10:49 GMT
Server
AmazonS3
x-amz-request-id
F6KJQ3X7HJDTRMET
ETag
"0ac58bd9ae375f92771af29b5ab12cca"
Content-Type
text/css
Content-Length
2131
x-amz-id-2
JK2rJ92KVzecBWHI55d8UDP9DgHMOmCQdmrNNCcoOGdJ3Qn/Fz7S1shQGMkBVRpyIZxZnRfKT18=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7883128283586608
Requested by
Host: harldan.s3-website-us-east-1.amazonaws.com
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
bda7e6c3361671be0c2f1b6308673c4c4c4ec70e146f327096088f76bffdf85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Origin
http://harldan.s3-website-us-east-1.amazonaws.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51149
x-xss-protection
0
server
cafe
etag
8613579363310613825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 19 Apr 2024 21:53:36 GMT
tooltips.js
wow.zamimg.com/js/ 		181 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/js/tooltips.js
Requested by
Host: harldan.s3-website-us-east-1.amazonaws.com
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-111.iad55.r.cloudfront.net
Software
/
Resource Hash
120b694f35caea6fffcffa5eca0f64022ef8f5c4068b3cd52efd5076f68ce736
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:31:47 GMT
content-encoding
gzip
via
1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 21:29:37 GMT
x-amz-cf-pop
IAD55-P5
age
1309
etag
W/"6622e241-2d489"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
UfhKHwEhTcW7SXKs28KWLJg8GBsoFu_YPwhIhdRCkXeJAGeSryGXrg==
expires
Fri, 19 Apr 2024 22:31:47 GMT
tucker1.jpg
harldan.s3-website-us-east-1.amazonaws.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://harldan.s3-website-us-east-1.amazonaws.com/images/tucker1.jpg
Requested by
Host: harldan.s3-website-us-east-1.amazonaws.com
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Server
16.182.70.253 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b07b44316ec3cc0e53e0da9ba08f5fa52d4411f6b7173c45fb07004ce8d6c3b

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 19 Apr 2024 21:53:37 GMT
Last-Modified
Fri, 25 Nov 2022 20:01:57 GMT
Server
AmazonS3
x-amz-request-id
F6KG8D6Q45KBA4Z2
ETag
"9a4f8ad44ed17fcb9993e79b31f1b9fe"
Content-Type
image/jpeg
Content-Length
12561
x-amz-id-2
zYBNVtePgpBuNIEtFSAnNdG4UQKXrKsR2IwQkg8om1txV+peGKxTTws1mTTNAjeXCjbCjOEhneo=
universal.css
wow.zamimg.com/css/ 		650 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/css/universal.css?19
Requested by
Host: wow.zamimg.com
URL: https://wow.zamimg.com/js/tooltips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-111.iad55.r.cloudfront.net
Software
/
Resource Hash
7798986cd57d838ed8c68451b0a69882856d6f0bb4b8df080e09a2cc1bfb1b28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 19:11:16 GMT
content-encoding
gzip
via
1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 17:22:18 GMT
x-amz-cf-pop
IAD55-P5
age
9740
etag
W/"6622a84a-a26cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
rD7HCD_7yYA_W4Ps1f35OsOmHtXFjK5YAU69A1dt9Aj8G1nnXn9FRQ==
expires
Fri, 19 Apr 2024 22:11:16 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
2KrQHVb0BiU
www.youtube.com/embed/ Frame ECF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/2KrQHVb0BiU
Requested by
Host: harldan.s3-website-us-east-1.amazonaws.com
URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 21:53:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		412 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7883128283586608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1a02f88bf890be64b89a3394fd7e6658afd26797aab18667cc72ba5d1b3083f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142869
x-xss-protection
0
server
cafe
etag
12498737544203691202
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 21:53:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AADB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7883128283586608&output=html&adk=1812271804&adf=3025194257&lmt=1696514468&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fharldan.s3-website-us-east-1.amazonaws.com%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1713563616669&bpp=15&bdt=295&idt=393&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1595789344328&frm=20&pv=2&ga_vid=363149393.1713563617&ga_sid=1713563617&ga_hid=1868391118&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331023%2C31082770%2C44795922%2C31082890%2C21065724&oid=2&pvsid=4362631844461235&tmod=2062025333&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49940
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 21:53:37 GMT
expires
Fri, 19 Apr 2024 21:53:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A85E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7883128283586608&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696514468&rafmt=1&to=qs&pwprc=7799982364&format=1200x280&url=http%3A%2F%2Fharldan.s3-website-us-east-1.amazonaws.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1713563616684&bpp=2&bdt=310&idt=419&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=1595789344328&frm=20&pv=1&ga_vid=363149393.1713563617&ga_sid=1713563617&ga_hid=1868391118&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331023%2C31082770%2C44795922%2C31082890%2C21065724&oid=2&pvsid=4362631844461235&tmod=2062025333&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=422
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47677
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 21:53:37 GMT
expires
Fri, 19 Apr 2024 21:53:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/reactive_library_fy2021.js?bust=31082890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
a916029406cc30082e373844f141c43875e9daf399b04686a0adf5def4d588f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57759
x-xss-protection
0
server
cafe
etag
11070888486645031533
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 21:53:37 GMT
ca-pub-7883128283586608
fundingchoicesmessages.google.com/i/ 		180 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7883128283586608?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a739ca04cfa82553ed7fc111bda5317b6b055e2f11e03209d302db2f39748d5e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-snF7ihL3UFjbBxADK38Mfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-snF7ihL3UFjbBxADK38Mfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhbo5H57s3sgmsePCRHwDURCrc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240417/r20110914/ Frame 66B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240417/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
5230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 20:26:28 GMT
etag
5035419970550746386
expires
Fri, 03 May 2024 20:26:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUxcbN70pnHdISE16li7HkjNcWmcMoPbzZxISNebYMm6Mppz-aQybWThX5ko-EN_JsgyUw4UyjOtpFnhcefvI0hIZj-Xa-3op8FVKHxc_krSJK-kzA83K-1KMseKOesIWzHfUv6CA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUxcbN70pnHdISE16li7HkjNcWmcMoPbzZxISNebYMm6Mppz-aQybWThX5ko-EN_JsgyUw4UyjOtpFnhcefvI0hIZj-Xa-3op8FVKHxc_krSJK-kzA83K-1KMseKOesIWzHfUv6CA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNTYzNjE4LDIwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL2hhcmxkYW4uczMtd2Vic2l0ZS11cy1lYXN0LTEuYW1hem9uYXdzLmNvbS8iLG51bGwsW1s4LCJtYmxJeFpLVVhIbyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc6ae8515bd7238c19619f5f7fd0f92db646d08fb537992088314c539f9e6af6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0c6NOKLJnfyqnPZjriqOOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-0c6NOKLJnfyqnPZjriqOOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhbo5H57s3sglsWHKuEgDRLSro"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXVUN7pmPxs2NzWjSgMZsebAVasp5-pUuCIwqNzvEF862T8DHlNY3ieBj4rgJ0NEk5Vjhwt8_ZcUThCQoIBq0UTUfPhek_PVo2EBMDmEblROqWQ6CrPUXd2CUn-CXHA5nDt3JmuGA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXVUN7pmPxs2NzWjSgMZsebAVasp5-pUuCIwqNzvEF862T8DHlNY3ieBj4rgJ0NEk5Vjhwt8_ZcUThCQoIBq0UTUfPhek_PVo2EBMDmEblROqWQ6CrPUXd2CUn-CXHA5nDt3JmuGA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNTYzNjE4LDMwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9oYXJsZGFuLnMzLXdlYnNpdGUtdXMtZWFzdC0xLmFtYXpvbmF3cy5jb20vIixudWxsLFtbOCwibWJsSXhaS1VYSG8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1126e9723c534cef5de2e6e045f9b46929b55140f547004ffe7fd2cdbc40e27
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wbXwVF6U4TnSoqt_nC4MHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wbXwVF6U4TnSoqt_nC4MHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhHo5H57s3sgkc2Lh2OSMA-fIrDQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240417&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
25bec5236693a808582a0f3019369db99122aed4a8ae158dc042a10adc78f355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12449
x-xss-protection
0
favicon.ico
harldan.s3-website-us-east-1.amazonaws.com/ 		76 KB
76 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://harldan.s3-website-us-east-1.amazonaws.com/favicon.ico
Protocol
HTTP/1.1
Server
16.182.70.253 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
729f5313bef3de4d9b183716ddd7121de41e5f731163b31bf7289518d06f1db6

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 19 Apr 2024 21:53:38 GMT
x-amz-error-code
NoSuchKey
Last-Modified
Thu, 05 Oct 2023 14:01:08 GMT
Server
AmazonS3
x-amz-request-id
43CC2M8JY3WJ6GW1
ETag
"46b98e8a1e0a0a5a789c040e42b491c5"
x-amz-error-message
The specified key does not exist.
Content-Type
text/html
x-amz-error-detail-Key
favicon.ico
Content-Length
77579
x-amz-id-2
yleCbojgwR0y6ZooLlRSUutmcSsSkKzXqhnhC7bT3FUAsp3o+VvGsNjQ+vATtuZ/QEBNUk/L7F8=
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js?bust=31082890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Apr 2024 21:53:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
65644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 03:39:34 GMT
expires
Sat, 19 Apr 2025 03:39:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f147.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-APQA4vzK2sMftmQVJGCuRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-APQA4vzK2sMftmQVJGCuRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 21:53:38 GMT
expires
Fri, 19 Apr 2024 21:53:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ad-issue.
fundingchoicesmessages.google.com/f/AGSKWxUglUMOi3B6S7sR0jLQIM6anF4BsG5JywTDOknrGviZL45DnFLPBUU2O2la95Q22FubDfxqyN1-M5KM5uu6cTaC99ooGr6ZNWq9xLKMrOYpul18svj79CMcPYhpZKVaDrSBuZNrFd4O_GGE33wEC4Rc7Q-Rm... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUglUMOi3B6S7sR0jLQIM6anF4BsG5JywTDOknrGviZL45DnFLPBUU2O2la95Q22FubDfxqyN1-M5KM5uu6cTaC99ooGr6ZNWq9xLKMrOYpul18svj79CMcPYhpZKVaDrSBuZNrFd4O_GGE33wEC4Rc7Q-RmMzPmd48BNr2dQKApcG9u0p0IQPJKQS_/__160x600./adinsert./oncc-ad..adgoitechnologie./ad-issue.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyH7bzuclhtqyocH9PnQTtLDPRxUw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
7560a718042b1dfc56a9d77da0ee10da3da5e20ab11b6fce7b9b907f6e72de09
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6UubBRuuCasRLJfoj85sDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6UubBRuuCasRLJfoj85sDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhbo7H57s3sgk0bJkkAADSDCoq"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyH7bzuclhtqyocH9PnQTtLDPRxUw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
67107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 May 2024 03:15:12 GMT
AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tkae54E7t3bdcfTSPytaTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-Tkae54E7t3bdcfTSPytaTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAIL7vy3AwC8dQxV"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t-L3eopsFEfOmDrEPM2gaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-t-L3eopsFEfOmDrEPM2gaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAIHJp50AAC5eQvl"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OQ6X3em0cFAgD5rsvFrVJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OQ6X3em0cFAgD5rsvFrVJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAIXNnbYAwC6fQva"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JYyYu7cenhkbPBifk9aBEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JYyYu7cenhkbPBifk9aBEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAIN_TvsAbgvC5A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXOYbpwLgJp0pGAtSqvsyMxE9N4vjYwKDSzSWoGYwk9X5vspSfXc5GBlXV_lhQOYRcGUN9qd35kDCD1mc5s94ZZPnKtkCPBBXf7DHuIpa2rh2nPcrZmtyyrCXLI4tt7I0jGNbuoEQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOYbpwLgJp0pGAtSqvsyMxE9N4vjYwKDSzSWoGYwk9X5vspSfXc5GBlXV_lhQOYRcGUN9qd35kDCD1mc5s94ZZPnKtkCPBBXf7DHuIpa2rh2nPcrZmtyyrCXLI4tt7I0jGNbuoEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNTYzNjE5LDc1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwOi8vaGFybGRhbi5zMy13ZWJzaXRlLXVzLWVhc3QtMS5hbWF6b25hd3MuY29tLyIsbnVsbCxbWzgsIm1ibEl4WktVWEhvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
c0a2f0296babc53b03f2cf1d3f2fea9e0af063ef16e7599f568a24442e41b1d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jCAZ3NWO2KW7UFmD5BzZTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-jCAZ3NWO2KW7UFmD5BzZTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhbo7H57s3sglMeHnMEgDR-CrI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUVRSZlkLbJnU_jagkQZ8pnw0l9G3fiL7-UvpPV35IFaB_asajxcv0g64Jd-HNGXx186aFGnIlnDcL8CYL0839bnJa1D2u9-fR9jwNV58Uv9YirHSmE1EFOtLnC0frWWPlauyYUSg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUVRSZlkLbJnU_jagkQZ8pnw0l9G3fiL7-UvpPV35IFaB_asajxcv0g64Jd-HNGXx186aFGnIlnDcL8CYL0839bnJa1D2u9-fR9jwNV58Uv9YirHSmE1EFOtLnC0frWWPlauyYUSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QlsQdgnkj5GRzg-Nuim8OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-QlsQdgnkj5GRzg-Nuim8OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAINTybFAQC5Igvf"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUfivUmKzHiA5ZcmZLvRNftSDGRo1xJk4nMsC5kH7kiQT8xvfEzH03HItDyakqjRyr4sd4-dzBQPqAVri7EquZ1jJ84eN9OWe5nPjMGOYLLWvnqioXWAQ-LzO26et39nhVgAgs46g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMwJIriwT9WeMY6SNudr-U0PGs63fQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SHABW32rWl-C4iC1YVHo3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
http://harldan.s3-website-us-east-1.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Apr 2024 21:53:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SHABW32rWl-C4iC1YVHo3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1iDgFiIm-Px-e6NbAIds_riALqNC6o"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
http://harldan.s3-website-us-east-1.amazonaws.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240417&jk=4362631844461235&bg=!SkmlSQbNAAZ55ZTXWeU7ADQBe5WfOMbtmAWxNjlvqZj38BDet3U1F-gV4mgsaIAcCzKG3JRnZAFFGJwTvkxNJQPOO6sQAgAAAEFSAAAAA2gBB34ANZOLdYXeY34dxIw5gc_keYJQ-cdj36EG0RoW1uI2tYI7amM6Vxkhmcm0pZiowyCtiMD08XSYmQLfGzrZmLTVC89_Nu75WM4-g2YXRAjyqFez8WxJgR9wPTKBn8kzTgWNFEuK1je4AnkeEnyBy0zSWFuM0jMeTtZgtkOqlQcjq_dWMUsg_T4vWNCNMmBag3KFxei1fr42NSgSQ2vVqNkL_GuKrA_sx3oti37stL-8bxuU0_TRW6yZW0ZfAV7JVE3MjCf1lSuTR5DBo5ZnhcshvWrE4gQzrZI9SAVb4yPUKJG7Vd060OK5DdTuy6BTXmYCPpZkZazxttD4Tk-dNbfs6HkDps8gpkqrZ4NrAyxkr42gq7sr3YJp-EaDQVEMYdJa6dpAdfuKN_khrYVzf3Md5JlVqbekyQEySNHk55S1Z9azNFCWdPMBlFmpIWIZs87wsr0LbXsoNY8anmZD9Eb2dgN1wG_i7quqsUbvz4aKy9rnWGpaka19YfI8jfVhmLR8yJOSdNChybJl9CRSrSQa1QthRRF_kQBy0fszRgl01_7NvpUMYqHHyYmJvF2bLZcGbNxw56E90DciJeCyWokrZHmcbQYArxW8TvgD9o8K_X81BLQQE_rZJWzzIvQ27esWP2iUl7426ljT5ADGMMRpfCVg-yXfvUHpq2-KkqCKCOuK_K_adQE2wxUtP1G7WP2YctkIE_PRuqESJ6Hxs6Ok5ux-qm-xpqmKm-HQoI7JOTyqnWb-Q0CA8LMfZZPHx9bQGlflCYfWkkjpp8IgEqrWDac9MqarLJ7-CkJZClZxnmt0KF8JaKPsLrjGd7-12drLW4kOE-25wNbWbmWR1xo5YYWQqSGq69G9Rmpe38qnYWgqip0QFFQWzqFNRMBSe8_2Mg2kZtFUOlTqaW8CdVZgwOczd_evcSARYxa54i2Bj2eAp4cCSWW7a9CVpJuXa8cbj6-zMTGTfWn_BNwRrQMOSy2hdruQt0e-vIR5rELxjWwbsNbTkT6U6TddefOOom1uLHE29fNdmuyQ6fBS5Dwm-WzBCCqCyMal

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| Icon object| WH object| g_itemScalingCallbacks object| Locale object| $WowheadPower object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ODdlN2QxMjVlNTM4MDc1N2xvYWRlcl9qcw== string| ODdlN2QxMjVlNTM4MDc1N2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| google_empty_script_included boolean| d8c83874-db2e-48a9-8428-ae143dfae1c4 object| google_image_requests

6 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: V7BhU-qLReM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Qnj982RYFiE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgbg%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUlfMdvXFXbEIxhn0e00pdw69v7hk41iDNGIz1nV3rpmYzBLKzYp1DJgheLQO5g
.googleadservices.com/ Name: ar_debug
Value: 1
.harldan.s3-website-us-east-1.amazonaws.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-Jx4qiWUkTfK30SLe6xiq657gkUCJU_jBdgsdyoSFgI0A7Vk2HmwxIeaixX3tMZl0PSBHIQZfB36zuxGtTIcjBTz89YVv-y_FbiiXiT2kdN8Nbzz16q1na-46Xyht_3Sd2dKdtiyHCJCxOaebYLflvX6lzjQ%3D%3D%22%5D%5D

36 Console Messages

Source Level URL
Text
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/(Line 41)
Message:
Unrecognized feature: 'web-share'.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: http://harldan.s3-website-us-east-1.amazonaws.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://harldan.s3-website-us-east-1.amazonaws.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
harldan.s3-website-us-east-1.amazonaws.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
wow.zamimg.com
www.google.com
www.youtube.com
pagead2.googlesyndication.com
142.251.163.147
16.182.70.253
172.253.115.102
172.253.115.132
172.253.122.156
172.253.62.154
18.154.227.111
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::84
2607:f8b0:4004:c19::5d
120b694f35caea6fffcffa5eca0f64022ef8f5c4068b3cd52efd5076f68ce736
1a02f88bf890be64b89a3394fd7e6658afd26797aab18667cc72ba5d1b3083f5
25bec5236693a808582a0f3019369db99122aed4a8ae158dc042a10adc78f355
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
729f5313bef3de4d9b183716ddd7121de41e5f731163b31bf7289518d06f1db6
7560a718042b1dfc56a9d77da0ee10da3da5e20ab11b6fce7b9b907f6e72de09
7798986cd57d838ed8c68451b0a69882856d6f0bb4b8df080e09a2cc1bfb1b28
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8b07b44316ec3cc0e53e0da9ba08f5fa52d4411f6b7173c45fb07004ce8d6c3b
a72fc165491d2e43012eb4e72668f91676122664de29aff6fc06d41ee7b7fe6f
a739ca04cfa82553ed7fc111bda5317b6b055e2f11e03209d302db2f39748d5e
a916029406cc30082e373844f141c43875e9daf399b04686a0adf5def4d588f0
bda7e6c3361671be0c2f1b6308673c4c4c4ec70e146f327096088f76bffdf85b
c0a2f0296babc53b03f2cf1d3f2fea9e0af063ef16e7599f568a24442e41b1d8
cc6ae8515bd7238c19619f5f7fd0f92db646d08fb537992088314c539f9e6af6
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d1126e9723c534cef5de2e6e045f9b46929b55140f547004ffe7fd2cdbc40e27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855