pontiarmada.com Open in urlscan Pro
199.204.248.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alfamanosidosis.mx/
Effective URL:
http://pontiarmada.com/
Submission Tags: falconsandbox
Submission: On August 17 via api (August 17th 2021, 7:44:34 pm UTC) from US

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 99 HTTP transactions. The main IP is 199.204.248.104, located in United States and belongs to AS17054, US. The main domain is pontiarmada.com.

This is the only time pontiarmada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.13.86.37 154.13.86.37	263157 (Tu Casa I...) (Tu Casa Inalambrica de Mexico SA de CV)
22	199.204.248.104 199.204.248.104	17054 (AS17054) (AS17054)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	142.250.185.82 142.250.185.82	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2012	15169 (GOOGLE) (GOOGLE)
99	16

1 154.13.86.37 (Coyoacán, Mexico) 1 redirects

ASN263157 (Tu Casa Inalambrica de Mexico SA de CV, MX)

alfamanosidosis.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 199.204.248.104 (United States)

ASN17054 (AS17054, US)
PTR: cpanel04.myhostcenter.com

redirect4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pontiarmada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.82 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f18.1e100.net

p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	549 KB
21	pontiarmada.com pontiarmada.com	566 KB
17	doubleclick.net googleads.g.doubleclick.net	100 KB
7	ampproject.org cdn.ampproject.org	126 KB
7	gstatic.com fonts.gstatic.com p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com	34 KB
5	google.com 3 redirects adservice.google.com www.google.com	1 KB
4	googletagservices.com www.googletagservices.com	140 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	googletagmanager.com www.googletagmanager.com	41 KB
1	redirect4.xyz redirect4.xyz	313 B
1	alfamanosidosis.mx 1 redirects alfamanosidosis.mx	242 B
99	13

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	pontiarmada.com	pontiarmada.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	pontiarmada.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	pontiarmada.com
2	p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com
1	p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	pontiarmada.com
1	redirect4.xyz
1	alfamanosidosis.mx	1 redirects
99	18

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://pontiarmada.com/
Frame ID: 4062DFD4A76B37727358CF60A9901A9E
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: C15F18E145E236D88177A4F47E3A2AEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1629229457&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629229457160&bpp=2&bdt=1124&idt=168&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7471306540262&frm=20&pv=2&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: 9324FF2DEE0EB406DCF2D065304302C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183
Frame ID: B1E5F7A5011C913E0BDCCA291651793E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193
Frame ID: FA7CCF3C3526585188B80838D5ECBD05
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2400779360&adf=153553307&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457218&bpp=1&bdt=1182&idt=161&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0hYJPP7r4T&p=http%3A//pontiarmada.com&dtd=163
Frame ID: 5F0328F095B82F8670773F9E5DD9AF13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160
Frame ID: 9D849B65145D42FB7B34F085F2AAE002
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151
Frame ID: CC1330F696C95596AC38A767E4CA0180
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 916670C68AF5E8A127CB28DECC39F83C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: B2D4CC8B760DC6E84AAD7948C2C55358
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 27EC29DA79B631A508696D5B6E5C485B
Requests: 2 HTTP requests in this frame

Frame: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: FFC859AF6A6BA92B1B22447276FCE4ED
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D2B3F9CFD2EDF39A17A975EFB89937C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: CDAE08EA80D8BEE0C2A570850618A771
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: BAB4FD18084C57333B29EED4DB4BB894
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 96DDA65BADA23158CF4CCCF7FEF9F27D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 301F1F86270925C1E500F63D6647AF98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://alfamanosidosis.mx/ HTTP 301
http://redirect4.xyz/ Page URL
http://pontiarmada.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

99
Requests

77 %
HTTPS

69 %
IPv6

13
Domains

18
Subdomains

16
IPs

3
Countries

1577 kB
Transfer

3034 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alfamanosidosis.mx/ HTTP 301
http://redirect4.xyz/ Page URL
http://pontiarmada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://alfamanosidosis.mx/ HTTP 301
http://redirect4.xyz/

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
redirect4.xyz/
Redirect Chain

http://alfamanosidosis.mx/
http://redirect4.xyz/

106 B
313 B

432ms
302ms

Document
text/html

199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://redirect4.xyz/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 460ac7e591c959c841ef475d73e2b7b7a6496646459cab6c26d9e1e1e106f1fa

Request headers

Host: redirect4.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:03 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 17 Aug 2021 19:44:14 GMT
Server: Apache
Location: http://redirect4.xyz/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Primary Request / Show response
pontiarmada.com/ 27 KB
28 KB 919ms
779ms Document
text/html 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 87e6e09a388ab24805eb8da793901f01072ac928d956c13c7f408f602d48da88

Request headers

Host: pontiarmada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://redirect4.xyz/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://redirect4.xyz/

Response headers

Date: Tue, 17 Aug 2021 19:44:03 GMT
Server: Apache
Link: <http://pontiarmada.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.min.css
pontiarmada.com/wp-includes/css/dist/block-library/ 25 KB
25 KB 230ms
216ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Tue, 04 Jun 2019 04:39:35 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25658

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
pontiarmada.com/wp-includes/js/ 12 KB
12 KB 233ms
219ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Thu, 15 Apr 2021 14:39:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11943

GET
H/1.1 200
OK foundation.min.css
pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/css/ 74 KB
74 KB 129ms
116ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/css/foundation.min.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: c8257285ff028dbe7e88750e3b5cb973c95f16aa81b6b5d8cc050cdf5f702ec8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 75710

GET
H/1.1 200
OK custom-fonts.css
pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/ 11 KB
11 KB 238ms
223ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/custom-fonts.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: f354ac0964036e2655926b00b97dd3aa88ebf594031d0b094ba09e9c9d4e366c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11386

GET
H/1.1 200
OK font-awesome.css
pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/ 32 KB
33 KB 232ms
217ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/font-awesome.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 27bcaf5156b678a1a4d243b255561fb5d3e5191fb08d4e27e01b0e7960f8ea09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33257

GET
H/1.1 200
OK style.css
pontiarmada.com/wp-content/themes/responsiveness/ 83 KB
83 KB 524ms
337ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/style.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: f04858f6b85b6bc28eb4c790e576ecbf47687cb839e746b5656b2cf2ed3a6a4d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 84552

GET
H/1.1 200
OK dashicons.min.css
pontiarmada.com/wp-includes/css/ 45 KB
46 KB 353ms
117ms Stylesheet
text/css 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/css/dashicons.min.css?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:42:09 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46360

GET
H/1.1 200
OK jquery.js Show response
pontiarmada.com/wp-includes/js/jquery/ 95 KB
95 KB 355ms
118ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Thu, 05 Sep 2019 02:38:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96874

GET
H/1.1 200
OK jquery-migrate.min.js Show response
pontiarmada.com/wp-includes/js/jquery/ 10 KB
10 KB 372ms
118ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Fri, 20 May 2016 15:41:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10056

GET
H/1.1 200
OK foundation.min.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/js/ 103 KB
104 KB 669ms
332ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/foundation/js/foundation.min.js?ver=1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 27aa16d30fba03663851d0e3ae817ddea9fbb8ff37bb91e60015e7f27e1f6d18

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 105837

GET
H/1.1 200
OK foundation.js Show response
pontiarmada.com/wp-content/themes/responsiveness/ 142 B
396 B 474ms
116ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/foundation.js?ver=1
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 396400a41b96c582794a8ca60ad2a7269537dd8a84e84d979abbc4350dcf4744

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 142

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

710b3bce7f8c81e1d3db6b430dcf98e7c401e21df396b3b46025cecc472af1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49892
x-xss-protection: 0
server: cafe
etag: 800546125579106767
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

710b3bce7f8c81e1d3db6b430dcf98e7c401e21df396b3b46025cecc472af1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 17 Aug 2021 19:44:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 800546125579106767
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49892
X-XSS-Protection: 0
Expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H/1.1 200
OK navigation-custom.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 2 KB
2 KB 481ms
118ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/navigation-custom.js?ver=20120206
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: ae680a317a550a5c897714e2f379dc493a83ae2da421c1ad73a17198e074c0e3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:04 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1905

GET
H/1.1 200
OK toggle-search.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 2 KB
2 KB 579ms
116ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/toggle-search.js?ver=20150925
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 406f3c16fae88e2e1f681820091b978d2db783a8ac4736a4e85a47fe29fb908a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2006

GET
H/1.1 200
OK imagesloaded.min.js Show response
pontiarmada.com/wp-includes/js/ 8 KB
8 KB 600ms
119ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: de761c17eac4e98f0e21f49fa3929adcf3ff8c25aa5d78ea67ac88085fbf3f8d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Thu, 15 Apr 2021 14:39:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7855

GET
H/1.1 200
OK masonry.min.js Show response
pontiarmada.com/wp-includes/js/ 28 KB
29 KB 667ms
115ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Wed, 29 Jun 2016 04:18:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 28954

GET
H/1.1 200
OK masonry-settings.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 201 B
455 B 696ms
117ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/masonry-settings.js?ver=20150925
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 399db455d154502a629bc10f29a2f8d218fbaaa413386a12a6fdfeed79a073ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 201

GET
H/1.1 200
OK topbutton.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 583 B
837 B 720ms
118ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/topbutton.js?ver=20150926
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 64a971e7cb92f4f5884415b305a42038b0500a8347e855626c3c5cc15de4982e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 583

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
pontiarmada.com/wp-content/themes/responsiveness/assets/js/ 880 B
1 KB 789ms
118ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 11:53:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 880

GET
H/1.1 200
OK wp-embed.min.js Show response
pontiarmada.com/wp-includes/js/ 1 KB
2 KB 813ms
117ms Script
application/javascript 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to

Full URL: http://pontiarmada.com/wp-includes/js/wp-embed.min.js?ver=5.0.13
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Thu, 15 Apr 2021 14:39:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1391

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 40ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f564a057750347ef1e66a3bc678df882710168f943a265672d8dbf261111e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41070
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 18:45:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H/1.1 200
OK background.png
pontiarmada.com/wp-content/uploads/2018/01/ 118 B
359 B 115ms
114ms Image
image/png 199.204.248.104
AS17054

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pontiarmada.com/wp-content/uploads/2018/01/background.png
Requested by: Host: pontiarmada.com
URL: http://pontiarmada.com/
Protocol: HTTP/1.1
Server: 199.204.248.104 , United States, ASN17054 (AS17054, US),
Reverse DNS: cpanel04.myhostcenter.com
Software: Apache /
Resource Hash: deb36e1415642450583c55b48127df16c5faf6cdb7b13a85da498aebdc3bf6b2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pontiarmada.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://pontiarmada.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:44:05 GMT
Last-Modified: Sun, 14 Jan 2018 12:07:01 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 118

GET
H2 200 oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/roboto/v16/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v16/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/custom-fonts.css?ver=5.0.13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b5c12e446c257987f54808ff0a35764fbaf56d4ae466b292d49a28a0a121235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://pontiarmada.com
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:42:23 GMT
x-content-type-options: nosniff
age: 79314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10200
x-xss-protection: 0
last-modified: Mon, 17 Apr 2017 21:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:42:23 GMT

GET
H2 200 d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v16/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v16/d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/custom-fonts.css?ver=5.0.13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b14986d5590994b2fdb27fbfde2f407791d5822f4609939af1b3943052ee53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://pontiarmada.com
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:32:07 GMT
x-content-type-options: nosniff
age: 90730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10208
x-xss-protection: 0
last-modified: Mon, 17 Apr 2017 21:21:51 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:32:07 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891303795668056&plah=pontiarmada.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame C15F 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 16 Aug 2021 20:11:15 GMT
expires: Mon, 30 Aug 2021 20:11:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 84782
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v16/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v16/Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: pontiarmada.com
URL: http://pontiarmada.com/wp-content/themes/responsiveness/assets/fonts/custom-fonts.css?ver=5.0.13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1d59c2ea2d1c826a490c6d0931bfd655f5fda75e7fce4ab514a6ab542a43011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://pontiarmada.com
Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 04:28:19 GMT
x-content-type-options: nosniff
age: 54958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10304
x-xss-protection: 0
last-modified: Mon, 17 Apr 2017 21:22:14 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 04:28:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
659 B 90ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pontiarmada.com&callback=_gfp_s_&client=ca-pub-8891303795668056

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891303795668056&plah=pontiarmada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

de97e1d6973ba23f7ce5953eb2c96f528b187bae8068e59ad98e83d8054d8ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pontiarmada.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pontiarmada.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9324 13 KB
5 KB 327ms
313ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1629229457&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629229457160&bpp=2&bdt=1124&idt=168&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7471306540262&frm=20&pv=2&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=186

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402884f55da3602e4f551b41c9d5a34ac4eef2de8aecdb4d4e4b6c7596e484ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&adk=1812271804&adf=3025194257&lmt=1629229457&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpontiarmada.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1629229457160&bpp=2&bdt=1124&idt=168&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7471306540262&frm=20&pv=2&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 4633
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113446242536"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1E5 70 KB
25 KB 293ms
292ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787ff23f3c8f9352ee95098469a8626af9cfbaba5caf727af60c9f9e808ed5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 25944
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107533837-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1836
date: Tue, 17 Aug 2021 19:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 17 Aug 2021 21:13:41 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA7C 70 KB
13 KB 446ms
446ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea1b13d413469175cc25babc68cbe7973d941c3eeb9eace7cc20bf55a52258d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 12953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F03 436 B
236 B 227ms
227ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2400779360&adf=153553307&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457218&bpp=1&bdt=1182&idt=161&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0hYJPP7r4T&p=http%3A//pontiarmada.com&dtd=163

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

102b97520358e94c1ebdf9084dea7d7db812ca4970813f73bfc2801fe6cefad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2400779360&adf=153553307&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457218&bpp=1&bdt=1182&idt=161&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0hYJPP7r4T&p=http%3A//pontiarmada.com&dtd=163
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D84 66 KB
25 KB 479ms
479ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf98b51238b4da661dce9d093d28e20460ea2a1745848c2e6e63460e86efe771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 25187
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC13 89 KB
27 KB 570ms
570ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1961665c377c007b4e2a25deb6e01a10cc01d00253f89e3236a6cef86b0818f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 17 Aug 2021 19:44:17 GMT
server: cafe
content-length: 27842
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 19:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1083427679&t=pageview&_s=1&dl=http%3A%2F%2Fpontiarmada.com%2F&dr=http%3A%2F%2Fredirect4.xyz%2F&ul=en-us&de=UTF-8&dt=SPORT%20NEWS%20%E2%80%93%20pontiarmada.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1729677636&gjid=145788019&cid=1593364832.1629229457&tid=UA-107533837-1&_gid=1486333054.1629229457&_r=1&gtm=2ou8g0&z=683320203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://pontiarmada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10524645821016349339
tpc.googlesyndication.com/daca_images/simgad/ Frame B1E5 24 KB
24 KB 34ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10524645821016349339

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755b8b7b5bcf893e57243e1363ef3ec44bbee4c43d7e3e92261e6e1f25d48b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:25:57 GMT
x-content-type-options: nosniff
age: 11900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24605
x-xss-protection: 0
last-modified: Wed, 12 May 2021 13:27:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 16:25:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame B1E5 18 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:37:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame B1E5 2 KB
1 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:40:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1E5 124 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame B1E5 14 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:37:32 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame B1E5 26 KB
11 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 8915488205478863544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 15:35:19 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1E5 0
0 32ms
31ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-QYlkREcYf61F5vH7_UP__OjwAjD65feYvLnxPTzDaLUyafcJBABINXo1EZglQKgAYiE_OUDyAECqQLaQb9jALSzPqgDAcgDyQSqBLMBT9BtAfGXLtpXrNPuOf5JI_wwIYYnjjsHMXE1PaIcv2zI3azNVQC5cyh5O7MPwT8IU7eSM02oiZ298PglS9a0tj7kqge1lGJODrU2cMW1T88MCm7yQP7et9-Ykb69N7SDkoiXec3O3-LygMNzENYOiRhPOYUheI4_P2MMoUeqrHfi-EMwEU7BSXJrNxQyLdRCuzlNNvWFFg2uYOLSitGTLO0NHeLDWDIysEKg2rItBmUu2mvABOuZ5aDcA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfr2s5nqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEObHAdIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi04ODkxMzAzNzk1NjY4MDU2GAA&sigh=lqjDCvkj0a0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 17 Aug 2021 19:44:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9166 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=2759094932&adf=3958522997&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457182&bpp=2&bdt=1146&idt=178&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FzTNwlPOO0&p=http%3A//pontiarmada.com&dtd=183

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 17 Aug 2021 19:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 80
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B1E5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07606e970149e2323182760ae532a9d2bd3fa091fb91245bfe443ebf73ff2f94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9166
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:17 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 17-Aug-2021 20:44:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:17 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:17 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame B2D4 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 09:11:54 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame FA7C 188 KB
55 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame FA7C 13 KB
5 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame FA7C 89 KB
28 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame FA7C 71 KB
16 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c656d8e672d469ced91198a70c923478b581bf26c0470d5fa0c965e6c54e6fc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16668
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "93066ac4a12f382a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame FA7C 4 KB
2 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame FA7C 40 KB
13 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA7C 2 KB
2 KB 31ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 59099
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 18 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA7C 295 B
319 B 23ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 23796
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 18 Aug 2021 13:07:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA7C 0
17 B 38ms
37ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVckWkREcYefzF9Oe7_UPgpSu4AT21YuJZLWe8sinDbPMk-qPJxABINXo1EZglQKgAa6ezLsCyAEJqQIMBapZtaazPqgDAcgDCKoErgFP0N26by67KOXHsqFx1hPS0o7pCZTnLfsKfHxa4oeijMoDfDsfFDbSozubM1Q_FYKSg9S1ZlzRmPxSfyQ3lEU9XBOlYBSAIxT4eW2VsFms62x3zeRv3UMU7r3zrDZEnOQ4q7dbataEVU2yNd0LawVXaBp0iqkUleC8NKhjJtQcXUelcAKmlekMRvpu6OkwfneSicegjCCll-AO7rE-g_tYcNbwYLxZj2ZIbyqpcIPABJSMqaS6A5IFBAgEGAGSBQQIBRgEoAYugAeshtWDAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmkwLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg5MTMwMzc5NTY2ODA1NhgA&sigh=tpln6-8d8fU&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 17 Aug 2021 19:44:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 2061216199228400901
tpc.googlesyndication.com/simgad/ Frame 9D84 46 KB
46 KB 24ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2061216199228400901?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlNAd1ydz6o0Ge5AP9_uPsX76O-Bw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4225dcdaff1f0a89290907bd67193c194ff73f1699c04e9a20c2c8ca2716ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 15:39:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 15:00:25 GMT
server: sffe
age: 533097
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46852
x-xss-protection: 0
expires: Thu, 11 Aug 2022 15:39:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 9D84 18 KB
7 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:37:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 9D84 2 KB
1 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:38:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D84 124 KB
37 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 9D84 14 KB
6 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:42:38 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 9D84 26 KB
11 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 8915488205478863544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 15:35:19 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D84 0
0 36ms
35ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF_ZPkREcYda0GJfn7_UPvaOtOKTMwLFkku-4wq8O6ZeUjZ8jEAEg1ejURmCVAqABh6Kp3ALIAQKoAwHIA8kEqgSsAU_Q-MOIZTP3H8JMd-A2nr-Y4ZxBU-bdWJ85HIukzM4HIlky8mAymbnNd77ZlOgH9Vukl5lMUfNlrvCAP6toCYBOVdAM9q6RDfzJCevmf0DU0lqcwamAojqePWAvWaTUZCkH-xQbrxg6Di76IqeO-dEQULXdxPx5DdGu7e664O_W2Iw1NTHqkeDBOoCdZuOXV1jQfQQh-RbL9m7fAs3TNooIAErmn08qtiL-GsjABIum9bm_A5IFBAgEGAGSBQQIBRgEoAYCgAfY_fjdAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCfuALSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg5MTMwMzc5NTY2ODA1NhgA&sigh=nGjP1rAZoIE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 17 Aug 2021 19:44:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FA7C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654a0dde8e2f2e85f98cec5a1dd0ff6df5fefb9bc8f008a1c8f834fefbfc1592

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bg_1.jpg
tpc.googlesyndication.com/sadbundle/4013491193209311535/img/ Frame FA7C 37 KB
37 KB 18ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4013491193209311535/img/bg_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1872c0d436afdbed5ad5dc89e575ea8fa0790fda0764f7446c93850a52348a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 22:03:08 GMT
x-content-type-options: nosniff
age: 596469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38093
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:09:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 22:03:08 GMT

GET
H3-29 200 bg_2.jpg
tpc.googlesyndication.com/sadbundle/4013491193209311535/img/ Frame FA7C 35 KB
35 KB 22ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4013491193209311535/img/bg_2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a04b66831af8f8f0b15d8b20dc53748e0d5e3506e9a7789ac040a1fb73f3fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:43:32 GMT
x-content-type-options: nosniff
age: 360045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36082
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:09:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 15:43:32 GMT

GET
H3-29 200 banner.png
tpc.googlesyndication.com/sadbundle/4013491193209311535/img/ Frame FA7C 16 KB
16 KB 24ms
19ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4013491193209311535/img/banner.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c796e1c462a626be64baaa394933a68a23e163a62dbb5d1cc8a763e487fc2303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 17:23:14 GMT
x-content-type-options: nosniff
age: 354063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16723
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:09:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 17:23:14 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27EC 143 B
163 B 12ms
12ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=9200663831&adk=1139646415&adf=3591968409&pi=t.ma~as.9200663831&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457225&bpp=16&bdt=1189&idt=158&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=erv9HpU4ig&p=http%3A//pontiarmada.com&dtd=160

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 17 Aug 2021 19:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 80
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FFC8 247 B
806 B 127ms
34ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

23c354ca498aefbb9e238a7802869849f4d2a62c99e7db62d85cb28417c6eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-Z-G1CTVqgvxqMqPPlwVKVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 203
date: Tue, 17 Aug 2021 19:44:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9D84 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54bbcc3f77bfc9f69aa09ba55c4fd23f145a9d8eff58f74e2ce4dc42ddad1b1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012108100143000/ 20 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21c36cb9b6db66c53637b9d92f2fd869cb564d7cede035edd343c75a934f396

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 25118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 12:45:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a074324ef190b333"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:45:40 GMT

GET
H3-29 200 2061216199228400901
tpc.googlesyndication.com/simgad/ Frame CC13 46 KB
46 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2061216199228400901?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlNAd1ydz6o0Ge5AP9_uPsX76O-Bw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4225dcdaff1f0a89290907bd67193c194ff73f1699c04e9a20c2c8ca2716ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 15:39:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 15:00:25 GMT
server: sffe
age: 533098
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46852
x-xss-protection: 0
expires: Thu, 11 Aug 2022 15:39:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame CC13 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:37:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame CC13 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:38:44 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame CC13 67 B
94 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
server: cafe
age: 50773
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 18 Aug 2021 05:38:05 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC13 0
0 33ms
31ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CD3oVkREcYYPhGPSslQfj-LHoCKTMwLFkku-4wq8O6ZeUjZ8jEAEg1ejURmCVAqABh6Kp3ALIAQKoAwHIA8kEqgSyAU_QCoQEh1HU4kMT0RAozfNrTmZ0OG6Fvh63_Anw6ynpPanOoA2jcVrkik-heWR3tVG1KARFGCGveoXvUevZ1gjbzfNgH5RRbiYvshf7Yj6WSNWiDDMX2ZgdFmsrf3M4WJ3EJYe2HSaCeiIPCsjoi4B7mEF_S2YcUThKwNQQw-KPwXGa3Lfv-h8Xt2qCbSbTyV9UGl3cr5tzNTGFPaZBcrLN7-g8-zF5Ag53eUcB7Hc7nIXABIum9bm_A5IFBAgEGAGSBQQIBRgEoAYCgAfY_fjdAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD30wLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODg5MTMwMzc5NTY2ODA1NhgA&sigh=EddhIuArs4U

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 17 Aug 2021 19:44:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC13 124 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:18 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame CC13 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:42:38 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame CC13 26 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 8915488205478863544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Aug 2021 15:35:19 GMT

GET
H3-29 200 iframe.html Show response
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FFC8 4 KB
2 KB 64ms
32ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

415de8a31d7f4a2dbbd4b2416115bcc6d29c8a954e3ca8db47c5e55996e49ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-TcrpJMlr7IB6SUQxY5alLw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1862
date: Tue, 17 Aug 2021 19:44:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:18 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 17-Aug-2021 20:44:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:18 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2B3 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=250&slotname=5884375634&adk=803844250&adf=3733193884&pi=t.ma~as.5884375634&w=310&fwrn=4&fwrnh=100&lmt=1629229457&rafmt=1&psa=0&format=310x250&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1629229457241&bpp=4&bdt=1205&idt=149&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C728x90%2C310x250&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=1368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=BTvucE0wny&p=http%3A//pontiarmada.com&dtd=151

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 17 Aug 2021 19:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CC13 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 882e9de4d209dad9c10c7074054bc1b7857959067a6172380c6ac96f5e1015a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
20ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98bf26621c35312f8b6e3a87dd6f70c51c74d6e7a48cbff3d883910b49b24647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 19:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8549
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:18 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 17-Aug-2021 20:44:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 17 Aug 2021 19:44:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 17 Aug 2021 19:44:18 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame CDAE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 09:11:54 GMT

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame BAB4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 09:11:54 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 17 Aug 2021 19:44:18 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 96DD 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 17 Aug 2021 19:11:53 GMT
expires: Wed, 17 Aug 2022 19:11:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 301F 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b38c8908cf207bbf1932099cb9c14dee15f49280c4add3807cfee31453ddfcf4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A8IdHIUMbcKlZ6JtzzsLuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://pontiarmada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pontiarmada.com/

Response headers

expires: Tue, 17 Aug 2021 19:44:18 GMT
date: Tue, 17 Aug 2021 19:44:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A8IdHIUMbcKlZ6JtzzsLuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 96DD 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 09:11:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
27ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1501560554310264&bg=!eHulez_NAAZvV8FTb1c7ACkAdvg8Win8aMfhhPuzRACF_Ku_Lsubsg7T9X2nXlBf6MQbxuTVRAR33gIAAAByUgAAAA1oAQeZAnfCvyYU4rvkFUUre8AuNWUWU2mMbr9fnTtCde1skOEcxTFHLYvzRQ6Az-NLrdjWhk_ilP8kgAihs1_tyiOX9fvW0_OBw6PCiBPejFjZSyXDTf71aaCSVkQaKQe7TVXtY0inEy4_fBWpZo63701_IsirXVkeSKd5-ttjFi42GYeepiuqP9stlUowkE35Gyucb8eLaXx_orjJtC4hCIEWBr_fD8IKdOjd8aFMGsW9wLDfSBMeCkQl80KXjBPodx9uH73YLuoHfz6MZSj8EgsXNjBmDc9fDzjdzfhpf_TTQLciJ-SAlV-XSGZNT_O507pozvGICajj5dUuf0hHRQQ_AmCMwxIvkyS8peLPMZYT2dyzd1_XTErEeQdd20GMFFtRdFtJMaop5lomTWhYIkm_t9fIGhLrcCZRzq6PsItHWF6cbSPLiDdJ6Pr1gwIE7BPwWUbEb-R6EZYlNiXyb79Jw3NK55iC5amqfPsFmsVvachOlr7VKd3seRXNNa14zypR_qYQ7hx87qS38jw-jtxXMPvxMV2N0huPWoi6tR_zKUxSGMcPKkpMknvmG2JcJB90oj1PRVLx73znBMfy0M2GfFLt0FvjcMb8LhROcmpOIhC4TXWREmHi2niL9d48HaKR9vsv5cd1-qllPgljgFZIzB1UuzZ7NYMKc0n_bF6hrDiPuAdHBUVPuzvh2tN6z2wUYIh9RsUQlpWpzacJyMPOnB2MIhtV6Y0-r7ilZ917s90fBKoVa7JhWsyYQryoBc1Q2j0qKbFIR9dYZpaxenHg3aAw5_uRtIL4a1ilaLj6Bl40cYazf_xDwDnZnARMXQPVmqZpJiSaAVTe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pontiarmada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1E5 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNE3efhvnOgZcpHmHSUufW_DLc6MpBnWtRUct4Wi9EvcHZ5EWjXbVuFEzO_ah-SIL8rJOTzQJ04LO8HmyGjgs_aD0-0y0ACFCHhQ8vMbZaf-dLi143KYOnM76f6A&sai=AMfl-YRh3gOVAV3ni8TEMH8ew3HFgUqXF0Ds_ojj6t4OuJw6QbduyDkvnd-7r1CvwLCrIXg2fhlXL0Z4hZKg&sig=Cg0ArKJSzEEsC_-F6tZrEAE&id=lidar2&mcvt=1000&p=371,245,461,973&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2759094932&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629229457366&dlt=296&rpt=391&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D84 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjr9nNn8w-JwMzL4b1vwdkEf6I6BWfq8S320038qN0Du1pyY2LSpXBxZjRv1O7yFUuvhXPkSswF9tplOjWrETQHq914XR6PpkB_TVwrcI9LMcB3PhVxOUenEZhRg&sai=AMfl-YTG-7Sn0txV4j50-WmfFDclWrZ5ROR-PVE2rJpgDUsM9fuchW4lZ3KdcaVcAzXSO12Geuns1ICPYIq1&sig=Cg0ArKJSzOhCb0zN_iXREAE&id=lidar2&mcvt=1000&p=540,1050,790,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1139646415&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629229457386&dlt=498&rpt=619&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FA7C 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTdKYjH-rQn_AtB6CuTb_eXbgqxyPsTVCa18ZpzLkxGeWBUUiCK7glk1KkkgFatutJdWy0UOLpUfolV7t8gYzPStXATM7HoRzltO_WQ56UB_oOprrlMNfwZrjteA&sai=AMfl-YSahUBc8BQ8ITvEjyMtuvfQd5A1EEOvYni-D-MaZO3LQfRsRkdZk3T01v5zbp3i1fZyUoi6cAwRWtyC&sig=Cg0ArKJSzMFcxlqPcoOmEAE&id=ampim&o=245,940&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=185&tls=1185&g=100&h=100&tt=1185&r=v&avms=ampa&adk=1250003141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame FFC8 35 B
427 B 242ms
31ms Image
image/gif 142.250.185.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.82 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame FFC8 35 B
427 B 49ms
14ms Image
image/gif 2a00:1450:4001:813::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 19:44:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:33:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:33:50	Name: test_cookie Value: CheckForPermission
.pontiarmada.com/	1970-01-20 05:55:25	Name: __gads Value: ID=308d5f6b099521f5-223812c6a3c80052:T=1629229457:RT=1629229457:S=ALNI_MaDI8CiENLEGwE6msHZtpLxpoGwLQ
.pontiarmada.com/	1970-01-20 14:05:01	Name: _ga Value: GA1.2.1593364832.1629229457
.doubleclick.net/	1970-01-20 05:55:25	Name: IDE Value: AHWqTUmAWCUk80dk_dszQQlTTn3lMR3LXPVrm8GcxbaWhZSozkjV28I_O0fvC6OzOSU
.pontiarmada.com/	1970-01-19 20:33:49	Name: _gat_gtag_UA_107533837_1 Value: 1
.pontiarmada.com/	1970-01-19 20:35:15	Name: _gid Value: GA1.2.1486333054.1629229457

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://pontiarmada.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891303795668056&output=html&h=90&slotname=8549774449&adk=1250003141&adf=2690042729&pi=t.ma~as.8549774449&w=728&lmt=1629229457&psa=0&format=728x90&url=http%3A%2F%2Fpontiarmada.com%2F&flash=0&wgl=1&dt=1629229457184&bpp=18&bdt=1148&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7471306540262&frm=20&pv=1&ga_vid=1593364832.1629229457&ga_sid=1629229457&ga_hid=1083427679&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431%2C20211866%2C31062297&oid=3&pvsid=1501560554310264&ref=http%3A%2F%2Fredirect4.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jJMBTKlFJu&p=http%3A//pontiarmada.com&dtd=193

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
alfamanosidosis.mx
cdn.ampproject.org
fonts.gstatic.com
googleads.g.doubleclick.net
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i1-v6exp3.v4.metric.gstatic.com
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-798465-i2-v6exp3.ds.metric.gstatic.com
p4-f5qikduv7wkzk-et3varqxlfhs6c7e-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pontiarmada.com
redirect4.xyz
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.184.227
142.250.185.226
142.250.185.82
154.13.86.37
199.204.248.104
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2012
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
07606e970149e2323182760ae532a9d2bd3fa091fb91245bfe443ebf73ff2f94
0f564a057750347ef1e66a3bc678df882710168f943a265672d8dbf261111e6d
102b97520358e94c1ebdf9084dea7d7db812ca4970813f73bfc2801fe6cefad3
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1872c0d436afdbed5ad5dc89e575ea8fa0790fda0764f7446c93850a52348a04
1961665c377c007b4e2a25deb6e01a10cc01d00253f89e3236a6cef86b0818f0
23c354ca498aefbb9e238a7802869849f4d2a62c99e7db62d85cb28417c6eb5c
27aa16d30fba03663851d0e3ae817ddea9fbb8ff37bb91e60015e7f27e1f6d18
27bcaf5156b678a1a4d243b255561fb5d3e5191fb08d4e27e01b0e7960f8ea09
2b5c12e446c257987f54808ff0a35764fbaf56d4ae466b292d49a28a0a121235
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
396400a41b96c582794a8ca60ad2a7269537dd8a84e84d979abbc4350dcf4744
399db455d154502a629bc10f29a2f8d218fbaaa413386a12a6fdfeed79a073ab
3ca3e467b7d4d6b403aa4619019d9250b11449c8ee9c91c90bcbc9acdd64fea2
402884f55da3602e4f551b41c9d5a34ac4eef2de8aecdb4d4e4b6c7596e484ad
406f3c16fae88e2e1f681820091b978d2db783a8ac4736a4e85a47fe29fb908a
415de8a31d7f4a2dbbd4b2416115bcc6d29c8a954e3ca8db47c5e55996e49ba9
460ac7e591c959c841ef475d73e2b7b7a6496646459cab6c26d9e1e1e106f1fa
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
54bbcc3f77bfc9f69aa09ba55c4fd23f145a9d8eff58f74e2ce4dc42ddad1b1f
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
60b14986d5590994b2fdb27fbfde2f407791d5822f4609939af1b3943052ee53
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
64a971e7cb92f4f5884415b305a42038b0500a8347e855626c3c5cc15de4982e
654a0dde8e2f2e85f98cec5a1dd0ff6df5fefb9bc8f008a1c8f834fefbfc1592
6a04b66831af8f8f0b15d8b20dc53748e0d5e3506e9a7789ac040a1fb73f3fc0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
710b3bce7f8c81e1d3db6b430dcf98e7c401e21df396b3b46025cecc472af1f6
755b8b7b5bcf893e57243e1363ef3ec44bbee4c43d7e3e92261e6e1f25d48b35
787ff23f3c8f9352ee95098469a8626af9cfbaba5caf727af60c9f9e808ed5f9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e6e09a388ab24805eb8da793901f01072ac928d956c13c7f408f602d48da88
882e9de4d209dad9c10c7074054bc1b7857959067a6172380c6ac96f5e1015a6
98bf26621c35312f8b6e3a87dd6f70c51c74d6e7a48cbff3d883910b49b24647
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ae680a317a550a5c897714e2f379dc493a83ae2da421c1ad73a17198e074c0e3
b38c8908cf207bbf1932099cb9c14dee15f49280c4add3807cfee31453ddfcf4
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c4225dcdaff1f0a89290907bd67193c194ff73f1699c04e9a20c2c8ca2716ca4
c656d8e672d469ced91198a70c923478b581bf26c0470d5fa0c965e6c54e6fc6
c796e1c462a626be64baaa394933a68a23e163a62dbb5d1cc8a763e487fc2303
c8257285ff028dbe7e88750e3b5cb973c95f16aa81b6b5d8cc050cdf5f702ec8
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf98b51238b4da661dce9d093d28e20460ea2a1745848c2e6e63460e86efe771
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de761c17eac4e98f0e21f49fa3929adcf3ff8c25aa5d78ea67ac88085fbf3f8d
de97e1d6973ba23f7ce5953eb2c96f528b187bae8068e59ad98e83d8054d8ad6
deb36e1415642450583c55b48127df16c5faf6cdb7b13a85da498aebdc3bf6b2
e1d59c2ea2d1c826a490c6d0931bfd655f5fda75e7fce4ab514a6ab542a43011
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ea1b13d413469175cc25babc68cbe7973d941c3eeb9eace7cc20bf55a52258d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04858f6b85b6bc28eb4c790e576ecbf47687cb839e746b5656b2cf2ed3a6a4d
f21c36cb9b6db66c53637b9d92f2fd869cb564d7cede035edd343c75a934f396
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
f354ac0964036e2655926b00b97dd3aa88ebf594031d0b094ba09e9c9d4e366c

pontiarmada.com Open in urlscan Pro 199.204.248.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

77 %HTTPS

69 %IPv6

13 Domains

18 Subdomains

16 IPs

3 Countries

1577 kBTransfer

3034 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pontiarmada.com Open in urlscan Pro
199.204.248.104 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

77 %
HTTPS

69 %
IPv6

13
Domains

18
Subdomains

16
IPs

3
Countries

1577 kB
Transfer

3034 kB
Size

7
Cookies

99 HTTP transactions
4 data transactions