dermaga.def-atk.com Open in urlscan Pro
104.21.4.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dermaga.def-atk.com/
Submission: On January 04 via api (January 4th 2024, 6:43:33 am UTC) from US — Scanned from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 51 HTTP transactions. The main IP is 104.21.4.204, located in and belongs to CLOUDFLARENET, US. The main domain is dermaga.def-atk.com.
TLS certificate: Issued by GTS CA 1P5 on January 3rd 2024. Valid for: 3 months.

This is the only time dermaga.def-atk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	104.21.4.204 104.21.4.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.202 142.251.40.202	15169 (GOOGLE) (GOOGLE)
7	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
3	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
14	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
3	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
1	142.250.176.196 142.250.176.196	15169 (GOOGLE) (GOOGLE)
51	9

20 104.21.4.204 (None, )

ASN13335 (CLOUDFLARENET, US)

dermaga.def-atk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.41.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	def-atk.com dermaga.def-atk.com	173 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	71 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	274 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	10 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
51	6

	Domain	Requested by
20	dermaga.def-atk.com	dermaga.def-atk.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	dermaga.def-atk.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	dermaga.def-atk.com
51	8

This site contains no links.

Subject Issuer	Validity	Valid
def-atk.com GTS CA 1P5	`2024-01-03` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dermaga.def-atk.com/
Frame ID: 2D854E55BDF6523A03D21BD3C726F887
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: 1CFF0B268E36D15B4F8A7613D771C1A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5473612725859785&output=html&adk=1812271804&adf=3025194257&lmt=1704328817&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdermaga.def-atk.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704350608329&bpp=5&bdt=949&idt=575&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4653030442276&frm=20&pv=2&ga_vid=200909939.1704350609&ga_sid=1704350609&ga_hid=1805215583&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080144&oid=2&pvsid=1304673917506708&tmod=1655624868&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=616
Frame ID: 26BD66B78553024DD1BECEEF276EEBD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5473612725859785&output=html&h=600&slotname=9109319783&adk=1917078391&adf=1352992332&pi=t.ma~as.9109319783&w=260&fwrn=4&fwrnh=100&lmt=1704328817&rafmt=1&format=260x600&url=https%3A%2F%2Fdermaga.def-atk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704350608334&bpp=2&bdt=954&idt=622&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4653030442276&frm=20&pv=1&ga_vid=200909939.1704350609&ga_sid=1704350609&ga_hid=1805215583&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080144&oid=2&pvsid=1304673917506708&tmod=1655624868&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=632
Frame ID: 578F0AB77E5A9DB263E8E9DCD423CE9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7E92F60B186BE932712CFA50A32A5D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 260C6D8D9594145953518E9ED414ECB1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dermaga News | Berita Aktual dan Terpercaya

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

574 kB
Transfer

1555 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dermaga.def-atk.com/ 28 KB
7 KB 2339ms
2201ms Document
text/html 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993f31b4b5ecb2caa1d62bac8b251c1ed7568f3551b4cfd972829811477fae53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 840181d27916e72e-DFW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 06:43:27 GMT
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQhSnjpEYTYoCNh1zVEXL%2F4JUSSSTio%2BJ0QjVCHiibrBv14u1GAn9RkS5zERre3H%2FxOUR0VSh5h1hom%2B8kNfexpzId3rR%2FNsidMRJKN5JcpYqlWlwlZfUZuh4S71WaNo4JHuH7xC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 5y26z.css
dermaga.def-atk.com/wp-content/cache/wpfc-minified/mp1ic9m4/ 107 KB
15 KB 454ms
447ms Stylesheet
text/css 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/cache/wpfc-minified/mp1ic9m4/5y26z.css
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616d462b7a57f30532c5d74a4b193daf609bc509ac5953aaf071d66561c4e523

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1acf8-6595fe71-526e9041530d1be9;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfGtOBvbSI9CJ3fL%2B4ZKkUa0xOGuNP6YxQ9Ymud46COsQVnfJ40M27RNdRPPjaYcoOiEynedghh1vb%2F8artGdgmNUM0ZjHF5SXUndkVWTj5%2Fv1EX4M8qWaQf4PHIkQnUDArujVMh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e058fae72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 5y26z.css
dermaga.def-atk.com/wp-content/cache/wpfc-minified/1n0ogd5s/ 3 KB
1 KB 334ms
329ms Stylesheet
text/css 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/cache/wpfc-minified/1n0ogd5s/5y26z.css
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1068473c37a5f65cbe68f6ce0054a87fa232d2cf0a6dd28296be3ec90597af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a45-6595fe71-b7b317b35c56d4db;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2F%2B%2BFQPP3WsPIJVC5ANTBD8VBeYqE4TQEaoG%2FEqhiL%2FZ8lUd0Xe7h5CbK1U7NMY7xUqTSwbb2mX65IQxiRi2g5BbZwTbGLNX9oYUWWchRBtsV1iWhR7CMn6LMBBiRUX4TjRGLdXx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e058fee72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 273ms
98ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Requested by

Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 06:29:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 06:43:27 GMT

GET
H2 200 5y26z.css
dermaga.def-atk.com/wp-content/cache/wpfc-minified/qkvyyhz/ 48 KB
10 KB 313ms
309ms Stylesheet
text/css 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/cache/wpfc-minified/qkvyyhz/5y26z.css
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08121d968d6690b3cf011213a4776e93e963fba0815fce29b48cb1c9c25878d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bea4-6595fe71-74abdc5bc698c8fb;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4iMS5JrWcZSyxvrk9rm8rWzuN6pUZKfEaOIgmZzl2pEeciRPpm1H7QX7Fxkma8neDuYQ5CfsZ6gBLDMuN8vydjeT6fAWa6T0ZWynEQDLFj92opLE5O2UU1otQXN%2FGD5ABNQy6ED"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e058ffe72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 5y26z.css
dermaga.def-atk.com/wp-content/cache/wpfc-minified/2cu1u4xv/ 27 KB
16 KB 479ms
474ms Stylesheet
text/css 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/cache/wpfc-minified/2cu1u4xv/5y26z.css
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d6a7c14c0b51ed484180f3a994c6eab696d922f84bf6588f48da386c27d4e54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6ddb-6595fe71-7cfe2efcec564fdd;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qmxEEdXjHO%2BKHWunGvHWNHbcqPil84kB81mIXdMHIWu1fjYVijkjJYMdvB9urlDPG1UnhU3rVOKEsdBkBUjZyH77fDLd6B5SAEC1j%2FU8b0RjOlHkqNTdEvhB%2Bc%2BDXljuNdlznUm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05901e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 5y26z.css
dermaga.def-atk.com/wp-content/cache/wpfc-minified/kmasocp8/ 6 KB
2 KB 335ms
331ms Stylesheet
text/css 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/cache/wpfc-minified/kmasocp8/5y26z.css
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebed3ce7d86902ec811099603b308a38d485e895e0ebe59a69045c31a2e18e7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17b4-6595fe71-68ef806215359c3;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzG2lQl2qOfD1Al2Zz0MVYSx2mTAQYqRgeEAO28Qmlk02YPEgmRQPhLnymDenH9q%2BqFDFWPyxOSql%2Fn77ZUOFEw6j5pgQl0OLFXJEnfLKv4NR95zdYJz1gbpcfygtvWOjU5iCqXB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05903e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 jquery.min.js Show response
dermaga.def-atk.com/wp-includes/js/jquery/ 86 KB
31 KB 458ms
454ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-6595fe21-30f030b46940a6b6;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iWp4ENhO6jydelfm6g5efmhsPZbBfAHztd6zlZj2MO2tZ3P7Z7r6D34%2FsI9ARFrnVDXUAyhTu9qeG%2FeqAjvu%2FiOm%2Bm3oQhDVFXGU4vAtir3FW7B1HkcKH8J%2BCde8PRxG%2FpUmOrO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05904e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
dermaga.def-atk.com/wp-includes/js/jquery/ 13 KB
5 KB 336ms
332ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-6595fe21-3a5a8f3c3a18aa70;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMTM9IZj6lw9rzfpqqCV1itFRjdbCFKkcpZTLZOhf%2FrW3lnTVg08M40cdgR7CvI%2B%2BtovBaiMwIurqzY2vrlj4EKdcgXoQ13ZBoaxRCpTyFEcd2V%2BAlTX15kCIDTmUDDVRviY1cW8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05905e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 check_min.js Show response
dermaga.def-atk.com/wp-content/plugins/cfmonitor/js/ 12 KB
5 KB 323ms
319ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/plugins/cfmonitor/js/check_min.js?ver=6.4.2
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd81d767cf94f0cb3f078a30a8136ba6fba011e0568ee9f8f0ba2a1785e037c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3154-6595fe20-50ba2d96c84b8279;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JueITdNhEWUVscPGhjY4OPFmRtRdBwmEvJUmRiMVYwmi%2FjtklL7YeIlR94AmrowFQPPjluvdRu308c348sX3bA7ISd157icObaI90XBpw50u4UI%2BGwVr19wcwkpH%2FToXhoaYKqdx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05906e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 vivo-y30-768x416.jpg
dermaga.def-atk.com/wp-content/uploads/2021/01/ 36 KB
37 KB 421ms
417ms Image
image/jpeg 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dermaga.def-atk.com/wp-content/uploads/2021/01/vivo-y30-768x416.jpg
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2382608221925da99f75de20f355d7f0f0fe111451987852c8ba9f77f62ac3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37002
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
server: cloudflare
etag: "908a-6595fe21-6eaabca9cad089e;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BL7rnxeI8huiQGvQOpFVWe%2Fx7NQ6AaVXJmVyWwDjsPINwCGxeeO5%2B%2BFStddc0F3cvDMqElRLVsFzCKfG1FSXn5uxZNY3MnoPACt1TWnKWKI43HwJWjeu%2FFMqwdZQaayi%2Fqvgbj8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840181e05907e72e-DFW
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 316ms
91ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5473612725859785

Requested by

Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e1d3f5fd6073bdb2eaab0726434ee95ad0c202340593f1c12623317d9078f4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
Origin: https://dermaga.def-atk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51290
x-xss-protection: 0
server: cafe
etag: 14187124747322045544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 06:43:28 GMT

GET
H2 200 index.js Show response
dermaga.def-atk.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 328ms
325ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a12-6595fe20-9fa52371477bf40;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5DcgbqGMgJOarFHEWZ3M8pRSecLDQ3Udvyl2I9xqvkCXxa5vezBzrL%2BDwQiB02mU5Sx5ZtG9lTJItoF%2BY%2BcFRrgDcxmJkGDH8gjQrkZjhiYpN%2FzzUrbDp0Dp3FEnsDiQnAuYqHT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e05908e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H2 200 index.js Show response
dermaga.def-atk.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 352ms
350ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"328f-6595fe20-2e95085d3229e657;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zt2815ACw9TJyjGFQ6ggooHb8bF65ngp7NSdvjd6zfivqZKxI4hoa8hF0saZkuxr%2BRNbFMkX%2FYiU155p6T9u2oZDX%2BEzi0iNvX9cy6qHAlFIFnFsa6U4TX3cGqt4KB2%2BLfixyF4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e09929e72e-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:27 GMT

GET
H3 200 superfish.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 7 KB
3 KB 403ms
402ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/superfish.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d7c-6595fe21-fabf0e0423564fc9;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Fltm%2F3XHFVMfkQe43F%2F%2B1vr02Re930Uvbzh7Haasjjs8TDO7AyUEOjTNVucPqBp9AAMfGm99jvmQcARsCKcSJJ07AtAZWxm88losMfhOXtiPnqXro6COs%2F3FQaoBz%2BHl1kVSBIZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e26847aa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 jquery.slicknav.min.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 8 KB
3 KB 394ms
393ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/jquery.slicknav.min.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20df-6595fe21-10c029bb52b24228;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgz%2FA%2FBXn7R7KP8qAKrmgsu7ycSDMOhFvQigJoIL3%2Bkld2X6nnSpuM2JMVToLbZUUEEe2Ap6msMXLZvseZv7MyTTdsmMVGj%2BvUIVxDl939THQikJi0D2foqNU3xhw6n%2Bmjs%2Bg5Pe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e28882aa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 jquery.sticky.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 308ms
307ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/jquery.sticky.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2765-6595fe21-f7149e91c4ad8492;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwpeIp9RWal0rrWkPHVp25gT4DzrTBh64MwsEjgVtrz4ygsJx%2FlKIGHtBHOApgQ%2FtA2DS%2Fmn0mlX%2BXrzbRoz%2Bo3wjEW4Hgpcp0mTTz9V9Ah2tzOnA1cjSoI7KpibepOvEjeIAfPl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e3a988aa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 modernizr.min.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 15 KB
7 KB 300ms
298ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/modernizr.min.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c36-6595fe21-6ad1ecb97c6cbe76;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtTj5rPAK9VUvTZmYRV%2FC5K3qN6WUCle%2B%2FeIZbXsR8YUGGfVrTM%2Fo3%2BSlzY1x%2FeJfjC93qgwp5w6829FX9%2Bhj%2BL2qHUyIzHNqriGH9piqUQHGZQneZYXyg54QVTGgj%2BJKKWgQrdB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e3a989aa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 html5.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 10 KB
4 KB 311ms
309ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/html5.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"285a-6595fe21-4baefaa5d87839f3;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTwqwtvFSYuD9fdg7w8SxXbZRshgBs4uf0rEleKweMnMfhPIOzOzINBBycWYC8asz%2BXWKApJrtLIc3p%2BjmAvVV41sWD9Y7%2BlyUdkHpBJYjuzz6PqCx3ek2Kx64kPh27%2BHBNKokSa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e3a98aaa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 jquery.bxslider.min.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 66 KB
16 KB 443ms
442ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/jquery.bxslider.min.js?ver=6.4.2%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"107e0-6595fe21-4be82571b235eda8;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgA%2FE5dYq%2F5n%2BL4zBnTI03AwezUe7nqAOTiOEQH%2BWWt2bExk%2B8c%2FMPoDMJlCCE5gEx7mkiWCHKA7WGOXyO%2BVFkDEyu%2FZJy0ouFlTytXvqllkQ1IAty%2B0viDRAZjOwjrWKcdx6n5Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e3a98caa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H3 200 jquery.custom.js Show response
dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/ 4 KB
1 KB 339ms
338ms Script
application/javascript 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dermaga.def-atk.com/wp-content/themes/revenue-pro/assets/js/jquery.custom.js?ver=20171010%27%20data-cfasync=%27true
Requested by: Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 00:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1046-6595fe21-601237acf5c7db81;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQXKxNNfL6eJixQA68LcE%2FAKOOMsU8d%2FXMDKMqDCiBbNXIhbiFe74sKW0Yad8IPet1%2Fs47U6IfoAZxef9Py%2Be2%2Brv0Pansa9uz%2F94hvPrdPltJr5gsURMDMDTPJU24SjHYEMKpmy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840181e3a98daa94-DFW
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:43:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 313ms
97ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dermaga.def-atk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 19:41:38 GMT
x-content-type-options: nosniff
age: 126110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 19:41:38 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://dermaga.def-atk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 276ms
61ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dermaga.def-atk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:15:11 GMT
x-content-type-options: nosniff
age: 80897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 08:15:11 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 354ms
158ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5473612725859785

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

65988f49fb7e5db4e71a68b1f405b150b9aea9394ece7642370670bd36e306a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137921
x-xss-protection: 0
server: cafe
etag: 3341698738079860456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 06:43:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame 1CFF 9 KB
4 KB 305ms
81ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5473612725859785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 16440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 02:09:28 GMT
etag: 9219409622527106327
expires: Thu, 18 Jan 2024 02:09:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 admin-ajax.php Show response
dermaga.def-atk.com/wp-admin/ 70 B
658 B 875ms
874ms XHR
application/json 104.21.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dermaga.def-atk.com/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=047682f641

Requested by

Host: dermaga.def-atk.com
URL: https://dermaga.def-atk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1%27%20data-cfasync=%27true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

decf2a15198ee943709239c37fe8eaf9fe0e4445913c9e34a54d846706344766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dermaga.def-atk.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: https://dermaga.def-atk.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF5VxbBi1uTpfCv25x%2F3ry5koHGhS8wLQjV%2FuPyFvMBBaidMxwPIXKsZ1I%2FCp7WlBEjd5zbUM3ddk1JEDhoKK2n6rJ0tmG9IqiaECzCLJiAzyfayC4qRpgMCKSV9nY1nmyfMskO5"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 840181e67c82aa94-DFW
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26BD 10 KB
5 KB 489ms
398ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5473612725859785&output=html&adk=1812271804&adf=3025194257&lmt=1704328817&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdermaga.def-atk.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704350608329&bpp=5&bdt=949&idt=575&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4653030442276&frm=20&pv=2&ga_vid=200909939.1704350609&ga_sid=1704350609&ga_hid=1805215583&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080144&oid=2&pvsid=1304673917506708&tmod=1655624868&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=616

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

9d9a40c61705c89b58bbc336efb22967068f7591ccc6a9060fc59b2641694960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4454
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 06:43:29 GMT
expires: Thu, 04 Jan 2024 06:43:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 578F 717 B
576 B 393ms
324ms Document
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5473612725859785&output=html&h=600&slotname=9109319783&adk=1917078391&adf=1352992332&pi=t.ma~as.9109319783&w=260&fwrn=4&fwrnh=100&lmt=1704328817&rafmt=1&format=260x600&url=https%3A%2F%2Fdermaga.def-atk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704350608334&bpp=2&bdt=954&idt=622&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4653030442276&frm=20&pv=1&ga_vid=200909939.1704350609&ga_sid=1704350609&ga_hid=1805215583&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080144&oid=2&pvsid=1304673917506708&tmod=1655624868&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=632

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

6703bcd2d390365905e6358a5c6d1de9ee8b2d14f2b39d3b82980e1647862d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 06:43:29 GMT
expires: Thu, 04 Jan 2024 06:43:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-5473612725859785 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 301ms
116ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5473612725859785?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

694560ca38fc49a96ef42baa43e8945e9309a16ceeff5c6dbde77c8c811c25cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MIiYvcVUgvUdHz-OI7VE1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-MIiYvcVUgvUdHz-OI7VE1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxU1CRHcOv5Q0E9AmAt7of5zMP5Uph-flvBCn0kxnETEaaAr9ubpklqBaunH6mND0gdV6noF_aysJ-qZrAbIL6CPEQl_cUOViM476JvSxQ7dAa1YGmfWjRDCsxXeYqi9TyevT3jHJQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 127ms
126ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1CRHcOv5Q0E9AmAt7of5zMP5Uph-flvBCn0kxnETEaaAr9ubpklqBaunH6mND0gdV6noF_aysJ-qZrAbIL6CPEQl_cUOViM476JvSxQ7dAa1YGmfWjRDCsxXeYqi9TyevT3jHJQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzUwNjEwLDE0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kZXJtYWdhLmRlZi1hdGsuY29tLyIsbnVsbCxbWzgsImZYd2RTOE5pSVpvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

942c1dfe698f90eb07a83b3e967564b7019fc5e9fb21c26d29c2b1848361ec4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hkmjKF5BI-Mgxyj6JZ5dfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-hkmjKF5BI-Mgxyj6JZ5dfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWqCMDk3SiKuQxph9Z6JaiRtivRHjdlFdmWqwlcnaYdJZM2nAh4M8SPg6rB5zZ0UyNq-k7pQprpw5BTxefixG-6MXAQabR8UYwyW-kVeQFXFLmfd_moZoInHuxqiesLUnC1WgaAZA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 122ms
122ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWqCMDk3SiKuQxph9Z6JaiRtivRHjdlFdmWqwlcnaYdJZM2nAh4M8SPg6rB5zZ0UyNq-k7pQprpw5BTxefixG-6MXAQabR8UYwyW-kVeQFXFLmfd_moZoInHuxqiesLUnC1WgaAZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzUwNjEwLDI3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZGVybWFnYS5kZWYtYXRrLmNvbS8iLG51bGwsW1s4LCJmWHdkUzhOaUlabyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

ef5c9c339e6fe2510df2e551c5c1da0917a2c1cc7fa7c45abdd8e962ea032ca5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QMjOjsvrfKK-bE-qL8fTRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-QMjOjsvrfKK-bE-qL8fTRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 117ms
116ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240102&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

274ecb9ae1f2c41adf61154bdd8b8c675f04ee809bcadb727ffd458ec5cf5d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 392ms
117ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 06:43:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7E9 13 KB
5 KB 89ms
84ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 211029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 20:06:22 GMT
expires: Tue, 31 Dec 2024 20:06:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 260C 829 B
1 KB 262ms
97ms Document
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

GSE /

Resource Hash

a3370945c14cda7ac106991d777980373d7d4c8f96b45c72e3a986e2ab91dddc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o_mQy8tkxjdH_3sCYONufA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dermaga.def-atk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-o_mQy8tkxjdH_3sCYONufA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 06:43:31 GMT
expires: Thu, 04 Jan 2024 06:43:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A7E9 39 KB
15 KB 97ms
96ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 20:11:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 20:11:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 260C 0
0 103ms
102ms Image
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240102&jk=1304673917506708&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 108ms
107ms Image
image/gif 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.3572210329170669

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ghITGxjhPfQGfz9oqQPNeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-ghITGxjhPfQGfz9oqQPNeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 191ms
190ms Image
image/gif 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.4394771078122277

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zWxcZ9zD242lUHU5wdL9eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-zWxcZ9zD242lUHU5wdL9eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7E9 0
10 B 82ms
81ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jf1AzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 255ms
98ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oVjXFjRR3lT1T776pKVe9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-oVjXFjRR3lT1T776pKVe9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dermaga.def-atk.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Image
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240102&jk=1304673917506708&bg=!Li2lLWLNAAY3kmNgF5I7ADQBe5WfOAThw3H4jvWYp0tTthwXRS1gZ_WWpOzMYJnaDY145fiKiHm0_N103LdfOtVXJPp5AgAAAPtSAAAABGgBBwoAohlMIlQECoPHvsCk7f1eL2TpMvdRoAedTY-W7BUxo2XKzR0WMoUuPtpdyyNx7rPG7hcpGbRUETo41XZM1Hw6qLcTc_lMxgpvlmde33_QnM9UUS_0X2LDM8tlse_jzml6YPvpcfP-RvihhCnTR6cktnHUfgCDMKScLjGY0zBestOKIr8MvtzXWrjkGFuou8MgU80SnmcKCCITazwY59VUj7D8cpkCvXz6eSwz5NY5p6_wjRo6rK42UQdQnXgDEfdskE4SDuA3qD8iQkJgCkt8BeVHBZtYneYSQbSXZk7LYMdNvWSdL5SND7HCg9xkYv_ikyC5EXQUIaIafDi93Uu6Zu7DKBZKJj6Qc2UBPnsy9seY45o9HovTasYM6XEoRy4Xubz-SQ3m6hk0XgPvSs5szTLNckMeoEtJpKRskqgNjJQnhPhEJLXuGQOsEp5GYGY_XSboGdU4VcDqPLputNCwvkgF0UjDWuXBVhi7OCPmT55cuz9JmgssS6v-RYhzGxTI7Y_HUkZboi7NGXOxA4kBSn30JGo38uOig4KvdsCOqCBLYtWRGXD66ReLOJPufWpjCfvHx8CKyGbqXK_nqM7hcxQZPcotzag4tbXpjJtaLY7su-20IujVxfXKZ_tCCoFtNhWSd9jr6kuGcr_iAVJzFPZT0ooz6imNX6h_ixwCakrNKQUXhTXwGXbOhUpyrv3X2-anJF9vXwP6gsSMK4_VEd9MyhFtcoDN5InnFCLIpo_vtv2_6lh7j2iRe4YFts9I6YnyghXp-ziHyyQq01chZbe8x3zRU56srr7PpXzeZCh3btCe1ybLRU93SoJnZ6Swuuw6o9KJ6SqTHbH7dlA5FkDCI8LDJSfxUASo2NO9u2di2_hD_YNOx12m0N0H0WYKzQCuBKsiBdP5ICQ3YQwqyJZeHKJIrzUjg8KDZbm03HwKg2Oz7gVwAleVMcU3o_xzS-4795gSp0rtiLC5rHcirNBAJ0S7k9EmaSNoUD4fRkLyX05r3FZBSPxJ5zkUQqtBremzgfoW2YOWNUehU9taGQXuaQ19KNn3TAJO2JTKgns9ERcLD3lt3gAg1QSUwI_uSR0ewQVJSfvPJDVSZHPe2mbAxj9xg6RuGlJLnHeOYBtaDW9hxxL9WtIBCsshqkMuSDJq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 adtechHeader.image,script,subdocument,third-party,webrtc,websocket,domain=camwhorestv.org Show response
fundingchoicesmessages.google.com/f/AGSKWxWDdPaI5V1MK2qKqWMY2EnyprX2Iv36SSiAJd9YNdjAWinzeB1rGJrHA6g9auXcp_6DzpFsyl_BoLh3-DVImZpmNBYQ6mzIx6eoIbveoKh_3dNmI1FKfaOkH3wdh0HJXoVXfjgo3D8wYffUI5iQB2YZBM3Se... 54 B
109 B 106ms
104ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWDdPaI5V1MK2qKqWMY2EnyprX2Iv36SSiAJd9YNdjAWinzeB1rGJrHA6g9auXcp_6DzpFsyl_BoLh3-DVImZpmNBYQ6mzIx6eoIbveoKh_3dNmI1FKfaOkH3wdh0HJXoVXfjgo3D8wYffUI5iQB2YZBM3Seei8El8Cqd1Yjd8qkacLyjYeYE9FZ0MW/__prebid_/adminibanner2._590x105./adtechHeader.image,script,subdocument,third-party,webrtc,websocket,domain=camwhorestv.org

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwXNQWpsdCQrGY-Gr2-YhgpAaD5aw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

3106b0bcd32ef473d776fc33c369fe181e6013f00cfe586a68f6509e894e8a64

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5KL427Ls9G-f70jJTW1BXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5KL427Ls9G-f70jJTW1BXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 126ms
124ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

8d3876f661c0af57ca6a4bd89f9879a5dcd2d064136fc941f6eca809b85bda2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51288
x-xss-protection: 0
server: cafe
etag: 9160319633445850649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 06:43:32 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iZwIB95-LkqIr6890HUIgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iZwIB95-LkqIr6890HUIgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dermaga.def-atk.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VoNKwgoAaZoqBvVJCj93kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VoNKwgoAaZoqBvVJCj93kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dermaga.def-atk.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cwg-dKttSVD2a1rr617LjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-cwg-dKttSVD2a1rr617LjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dermaga.def-atk.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dxs1d407hGQMpf3RJAhmAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-dxs1d407hGQMpf3RJAhmAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dermaga.def-atk.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXdSpBGWAjNUwd3tqAvtWuQ5ovj1CJ32MqPhXoeGfGeaCAI6f9iE0r_aUxfRUJ5Rj8rPn5CCKHwC9E8932BDnM9l_bZ7IjlokGYzqTYmSmw9o7mLG6aP1270NCQUrifJGh9gUMc_Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 115ms
114ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdSpBGWAjNUwd3tqAvtWuQ5ovj1CJ32MqPhXoeGfGeaCAI6f9iE0r_aUxfRUJ5Rj8rPn5CCKHwC9E8932BDnM9l_bZ7IjlokGYzqTYmSmw9o7mLG6aP1270NCQUrifJGh9gUMc_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzUwNjEyLDQwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kZXJtYWdhLmRlZi1hdGsuY29tLyIsbnVsbCxbWzgsImZYd2RTOE5pSVpvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

c6e07bf958582392968816b044365621ead131d5ca3f4dc848cc22de39becb7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-58ACi5mYIcJUpMS8QZ4xOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dermaga.def-atk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-58ACi5mYIcJUpMS8QZ4xOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUGSRH2iMNpUHkiDxHI32AHDrgPFKJG0j5rfHGi6Is2cjhmz5xKr6ZcG2lDXra3NDfDh9GXbpGYDOIWdZ3tBsHDIxnhaV3GK0hC24QIdok9jPA3cfoYT_ih402MyQznnK7JiZds1A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 102ms
101ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGSRH2iMNpUHkiDxHI32AHDrgPFKJG0j5rfHGi6Is2cjhmz5xKr6ZcG2lDXra3NDfDh9GXbpGYDOIWdZ3tBsHDIxnhaV3GK0hC24QIdok9jPA3cfoYT_ih402MyQznnK7JiZds1A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kkwAiQEGIZ7uIzvODRgQ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kkwAiQEGIZ7uIzvODRgQ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dermaga.def-atk.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUPg1Q_EJ6BOLmquYDbVmDgxV5avzwmS7X8us8UvN78S5E5UKMNdyo3S4IVjW5Y0eOFQDAMtehM92-X9krwGZpRr-fL27y__LcfOz1aInH4AIkZHpHYfc31p28bX2_-c-w1hYykCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FCR4BCCHTugNJNxrnBYcHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dermaga.def-atk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 06:43:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-FCR4BCCHTugNJNxrnBYcHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dermaga.def-atk.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 17:25:51	Name: test_cookie Value: CheckForPermission
.def-atk.com/	1970-01-21 02:47:26	Name: __gads Value: ID=2be65f5a85500d67:T=1704350609:RT=1704350609:S=ALNI_MYjlhbccYw1wb-P4WPne70HFGD-Uw
.def-atk.com/	1970-01-21 02:47:26	Name: __gpi Value: UID=00000db0c1861d54:T=1704350609:RT=1704350609:S=ALNI_MbA78NMBvI89YRqshf2odT5BhwDiA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dermaga.def-atk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
104.21.4.204
142.250.176.196
142.250.80.34
142.250.81.225
142.250.81.226
142.251.40.131
142.251.40.202
142.251.41.14
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1b1068473c37a5f65cbe68f6ce0054a87fa232d2cf0a6dd28296be3ec90597af
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
274ecb9ae1f2c41adf61154bdd8b8c675f04ee809bcadb727ffd458ec5cf5d12
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3106b0bcd32ef473d776fc33c369fe181e6013f00cfe586a68f6509e894e8a64
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
616d462b7a57f30532c5d74a4b193daf609bc509ac5953aaf071d66561c4e523
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65988f49fb7e5db4e71a68b1f405b150b9aea9394ece7642370670bd36e306a9
6703bcd2d390365905e6358a5c6d1de9ee8b2d14f2b39d3b82980e1647862d0f
694560ca38fc49a96ef42baa43e8945e9309a16ceeff5c6dbde77c8c811c25cb
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
8d3876f661c0af57ca6a4bd89f9879a5dcd2d064136fc941f6eca809b85bda2f
8d6a7c14c0b51ed484180f3a994c6eab696d922f84bf6588f48da386c27d4e54
942c1dfe698f90eb07a83b3e967564b7019fc5e9fb21c26d29c2b1848361ec4e
993f31b4b5ecb2caa1d62bac8b251c1ed7568f3551b4cfd972829811477fae53
9d9a40c61705c89b58bbc336efb22967068f7591ccc6a9060fc59b2641694960
a3370945c14cda7ac106991d777980373d7d4c8f96b45c72e3a986e2ab91dddc
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
ae2382608221925da99f75de20f355d7f0f0fe111451987852c8ba9f77f62ac3
b08121d968d6690b3cf011213a4776e93e963fba0815fce29b48cb1c9c25878d
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bfd81d767cf94f0cb3f078a30a8136ba6fba011e0568ee9f8f0ba2a1785e037c
c6e07bf958582392968816b044365621ead131d5ca3f4dc848cc22de39becb7b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
decf2a15198ee943709239c37fe8eaf9fe0e4445913c9e34a54d846706344766
e1d3f5fd6073bdb2eaab0726434ee95ad0c202340593f1c12623317d9078f4e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ebed3ce7d86902ec811099603b308a38d485e895e0ebe59a69045c31a2e18e7f
ef5c9c339e6fe2510df2e551c5c1da0917a2c1cc7fa7c45abdd8e962ea032ca5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

dermaga.def-atk.com Open in urlscan Pro 104.21.4.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

574 kBTransfer

1555 kBSize

3 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dermaga.def-atk.com Open in urlscan Pro
104.21.4.204 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

574 kB
Transfer

1555 kB
Size

3
Cookies

51 HTTP transactions
1 data transactions