joss.beritateladan.com Open in urlscan Pro
2606:4700:3037::ac43:c465 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://joss.beritateladan.com/
Submission: On November 30 via api (November 30th 2023, 8:16:07 pm UTC) from US — Scanned from US

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 105 HTTP transactions. The main IP is 2606:4700:3037::ac43:c465, located in United States and belongs to CLOUDFLARENET, US. The main domain is joss.beritateladan.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time joss.beritateladan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3037::ac43:c465	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:402... 2607:f8b0:4023:1402::5f	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:402... 2607:f8b0:4023:1413::9b	15169 (GOOGLE) (GOOGLE)
6	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:402... 2607:f8b0:4023:140f::5e	15169 (GOOGLE) (GOOGLE)
3 14	2607:f8b0:402... 2607:f8b0:4023:1407::9c	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4023:1404::5e	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:402... 2607:f8b0:4023:1413::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
3 4	2607:f8b0:402... 2607:f8b0:4023:1404::69	15169 (GOOGLE) (GOOGLE)
6	142.250.123.156 142.250.123.156	15169 (GOOGLE) (GOOGLE)
105	12

25 2606:4700:3037::ac43:c465 (United States)

ASN13335 (CLOUDFLARENET, US)

joss.beritateladan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023:1402::5f (Columbus, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4023:1413::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4023:140f::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4023:1407::9c (Columbus, United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4023:1404::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4023:1413::84 (Columbus, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023:1404::69 (Columbus, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.123.156 (United States)

ASN15169 (GOOGLE, US)
PTR: gh-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	470 KB
25	beritateladan.com joss.beritateladan.com	152 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	116 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	204 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
6	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 cdn.mgid.com — Cisco Umbrella Rank: 11503 servicer.mgid.com — Cisco Umbrella Rank: 9134	99 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
105	9

	Domain	Requested by
25	joss.beritateladan.com	joss.beritateladan.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net joss.beritateladan.com pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	joss.beritateladan.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.gstatic.com	googleads.g.doubleclick.net
6	www.googleadservices.com	joss.beritateladan.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.googleapis.com	joss.beritateladan.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.mgid.com	joss.beritateladan.com
2	jsc.mgid.com	joss.beritateladan.com jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	joss.beritateladan.com
105	14

This site contains no links.

Subject Issuer	Validity	Valid
beritateladan.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://joss.beritateladan.com/
Frame ID: 753B37B718F21B5AE12C8906B59A2B4C
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 55C576BEE4355F2210F6C771D19BE3BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&adk=1812271804&adf=3025194257&lmt=1701375363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362595&bpp=4&bdt=829&idt=627&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5184623094903&frm=20&pv=2&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=653
Frame ID: 0EF2140C8FBFCDDB085F3B2B106B82B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&h=600&slotname=1184734940&adk=4218033469&adf=436554144&pi=t.ma~as.1184734940&w=260&fwrn=4&fwrnh=100&lmt=1701375363&rafmt=1&format=260x600&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362599&bpp=2&bdt=833&idt=656&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5184623094903&frm=20&pv=1&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662
Frame ID: 402A616B99309AAD28B99572F85B99D1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DD5818265CD88291ED70EF3F263D16D8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 92DFA416F5F8744B87745AD4E4DC54A9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F1C9AD3D32E8E74CCEE648BA190A1B07
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0BA2EA45F96B6C2FAFFC593D6A3DD65D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BEB97EC1F8D16E01C129BAE90FE02B3E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js
Frame ID: 3ED2074F75C9874196FAEB62D0080A76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 7BD0207F5CEDD22FD79AA932768A99D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js
Frame ID: A296A65481E2323B4E8716063024CA02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49135D083DD65D33CAD6A1A8DF81F90D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F271B249CE8C2421DAD8A14E8B83694D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joss News | Berita Aktual dan Terpercaya

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

93 %
HTTPS

91 %
IPv6

9
Domains

14
Subdomains

12
IPs

1
Countries

1252 kB
Transfer

3454 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=C76yEg-1oZcH8FsuG3rsPhZC6OOuC2JB0__v8oJ8R2tkeEAEgm5LOhAFgyYaAgNyjxBCgAfOP-6kpyAEBqQLOrsnOhk6yPqgDAcgDywSqBNUBT9CPKq9epeG1ZB26QFjnSFpf8FTgZOt9cplzjmv0T_ncMxtBJ0CIj3cJX0rRp62rUM74dbdpCFvovGBWBXbfqX-ADqpdnrLEahosWz5cje8GYxlMQKBoueXahT7MMrf2AA8AaW-jbY6_NRDRg_JdpCzm0QaUEgdxzf40rZ1uTIkN0yg8Tz9bDUiO1KZcQi8ol62KWDImXCEogxISz8N5EH2flKt5YpNJr44D1QLAaUIX9PYmERvZ2CkFiQuTvHlUr9id18PUzkYN6TCdsCzg8xkustsuwATezKuLuQSIBb7eu-5KkgUECAQYAZIFBAgFGASAB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQtqcZ0ggdCIBhEAEYXzICigI6AoBASL39wTpY05KnkcXsggOaCXVodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPXFtcyUyMHNvZnR3YXJlJmFzaWQ9em13X2NoMzEzJmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwcW1zJTIwc29mdHdhcmWACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2gwRCgsQwPWo767BsdrzARICAQPYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODc4NTk1MzE3ODg3NjE5OBgA&sigh=wHo3jFdITh0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNyY16QRPwBQm_QVAAYc2vYQt_RPbedxgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9181620a4b70000000000000000%22,%224%22:%220x7c13b20a3d6ad83e0000000000000000%22,%225%22:%220xde1036d6a1a5a0dc0000000000000000%22},%22debug_key%22:%222451153743947656031%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221931070780030158897%22}&andc=true

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckcj5g-1oZa_cG6D7vPIP7pC2gAOOkLrFdPbBzNi4EZ7SwKHvOhABIJuSzoQBYMmGgIDco8QQoAGLtpPzAsgBAakC4WyYmvT4eD6oAwHIA8sEqgTWAU_QqBtCCHYy6iHRCBPOj1cyUKsf2_W3m9u6SuVMyVXQ-BYRgrhaOTs94tX4oh52xhKQ2KrYE-o1VzBoc0tWZoPed4B9jhDO1pWyMOk7PMPoS4v_FZcycK8MYEt_-jaEPsrDK8tgqAr_IuBh9Hirgmp9Y32-P6-UQpKpnJ1YHsXlMkAEbnsAcTunvrBp6YldUEjykTPsbjmKBdAtSMseWU2luah-lJBdqjHSxx7pBzTDtEYqehVhGJZkZXnCMTqvC4R5lJBjJL6IsvsVEKOZZ6O6JTB_t3zABLCTodzCBIgFyaWW2EqSBQQIBBgBkgUECAUYBIAHv4T6ngGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCf9skL0ggdCIBhEAEYXzICigI6AoBASL39wTpY0-yrkcXsggOaCbIBaHR0cHM6Ly96YXBtZXRhLmNvbS9kc3I_cT1jYXIlMjBpbnN1cmFuY2UlMjBmbG9yaWRhJnJhYz1BcnRpY2xlcyUyMGFuZCUyMGluZm8lMjBmb3IlMjBjYXIlMjBpbnN1cmFuY2UlMjBmbG9yaWRhJmFzaWQ9em1fYXVfY2g0MjEmbnc9ZCZkZT1jJmxwaWQ9OTAxMTg1OCZwdWI9am9zcy5iZXJpdGF0ZWxhZGFuLmNvbYAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwQCgoQkJCf392Foqd4EgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04Nzg1OTUzMTc4ODc2MTk4GAA&sigh=2BIr-FPGu9I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNDKNCB-wNKBzj4ZxGjUuq2YNk4SDg0xgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44cf6c33d89a460e0000000000000000%22,%222%22:%220xe16968acda553f6c0000000000000000%22,%223%22:%220x701d64671983340d0000000000000000%22,%224%22:%220x7d965d9d588fc3a60000000000000000%22,%225%22:%220x7265c7a5c6cf12a10000000000000000%22},%22debug_key%22:%2217210602266075395820%22,%22debug_reporting%22:true,%22destination%22:%22https://zapmeta.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22778361611%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22120321143532832433%22}&andc=true

Request Chain 94

https://googleads.g.doubleclick.net/pagead/adview?ai=CnQeog-1oZcD8FsuG3rsPhZC6OOuC2JB0__v8oJ8R2tkeEAEgm5LOhAFgyYaAgNyjxBCgAfOP-6kpyAEBqQLOrsnOhk6yPqgDAcgDywSqBNIBT9ARxCX6SSwZTOi-xWgGCOFMBaFjX0Juce8IKFOYoeyifne7P-oEz_e0jP-crrasnXSp9cnXz8uFsSbvqtNUGwsat_P5ekoWljOM0NHGhLLAz81Qi9op-F-VUqSvIK1_gcfW4QptBm4nbQeYttxgkXAPH2EbQTY22vX8JJH8-WpPyFI5nhZcg5tju5yFEzXGL9WFjUE7skR_qH3lPGRDoHLGx51gJf1wn69E_Gu7l45FRh3P1JoPbnYMHTCJTcBescpbBxVN2wJbYsxgOL24ROd8wATezKuLuQSIBb7eu-5KkgUECAQYAZIFBAgFGASAB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQhLFx0ggdCIBhEAEYXzICigI6AoBASL39wTpY05KnkcXsggOaCXVodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPXFtcyUyMHNvZnR3YXJlJmFzaWQ9em13X2NoMzEzJmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwcW1zJTIwc29mdHdhcmWACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2gwQCgoQ8P-J0MmDyK5EEgIBA9gTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Nzg1OTUzMTc4ODc2MTk4GAA&sigh=ICUPLArdo1k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNyY16QRPwBQm_QVAAYc2vYQt_RPbedxgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9181620a4b70000000000000000%22,%224%22:%220x7c13b20a3d6ad83e0000000000000000%22,%225%22:%220xde1036d6a1a5a0dc0000000000000000%22},%22debug_key%22:%223335548740785337651%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227299913763434873729%22}&andc=true

105 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
joss.beritateladan.com/ 30 KB
8 KB 1098ms
926ms Document
text/html 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2980f5f219d2d96dee452a464a6b5b2ffd71d5c353bb92a6b29f34d7fe21d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e5c4055e334c0d-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:16:01 GMT
link: <https://joss.beritateladan.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRU9E3WhO%2Fk9PduRsZZfItKnC7%2Bi7ft%2Bu8IuAh1FSSfq4bciT4k3cPBifjGOBXM03m9Hi1pSe7e1nAC8bkr%2FjPgD9muLp4t%2FkxT7pBRNNDXzFUAjVaHgCXBh3OJ0hhLzXrpQQ%2BxJqbcdr%2F4Fpf3wXxY1KnJ8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
joss.beritateladan.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 404ms
398ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"19824-6564a37b-5fac8701a304bbd5;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2fkg1BI2HlOeOcqi8WSv8cT%2BascVQoOVaW6ZjxErce8b55vwLkMhsVCzNXcz%2BzelKY1akysvYr2ZLZM8OOqfdmk4%2FIlfC5XUz3cRqNupaLA4X4nOl%2FcpDe%2F%2F9TNy9BflXkPRDTgzb%2FsU6KizeNa2CNX%2B7hh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dcd4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 styles.css
joss.beritateladan.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 279ms
274ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a50-6564a37b-997ea1337c043285;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldg28YbkK08SIzGeFmLZ5TLbf5cnFO2fkmhplNB2ERg8%2Bzpv3YcR72CewpVtkLfjl14qnHm%2F1JcEzORUUsIbY7VlY7T%2BDyyrqKKmWueU2%2BWPhS8CruMDYe9hnM%2B1oxZEFu2UJhYXRAC9hxYu9MbdReTIinDm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dcf4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 220ms
85ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:16:01 GMT

GET
H2 200 style.css
joss.beritateladan.com/wp-content/themes/revenue-pro/ 54 KB
11 KB 280ms
275ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/style.css?ver=20180523
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d99b-6564a37b-61f29b8c2a4e3c46;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAoAmQqGM06LnESs5kSBRLgvBC%2BZEE2yVKO7fTGcKpxi5S%2BvxkRs4VFHXVxOjMP05EGYk66VogKcDejotBvTJEHkEn3fzRCi6jXdpMvq8mFhxN%2Fa1H9lZvB2FDISXGeSTiL1eNPoSQgIkYpbC6Ippr%2BWlCWG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd04c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 genericons.css
joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/ 154 B
428 B 286ms
281ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9a-6564a37b-37d5182dc193231c;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS1nD9RKkyUet6nPl21CRQCk2Wqun5flWosl6IlRlMTCQ2IVD7ufSlRU5Un7I1UWgadY19zeXMQaITH5FsT19qhIUTB9GBjGRaR34gM3VZvAV0FQRjf8UJk%2FVSegnsOVJ8Vz%2FCk97xud8AOgDV2j73PLvI5W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd14c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 responsive.css
joss.beritateladan.com/wp-content/themes/revenue-pro/ 7 KB
2 KB 281ms
276ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/responsive.css?ver=20171012
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ccc-6564a37b-92852e93321326f4;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3wn%2BvxaW1srzZAM%2Fs%2BDQ45345h%2F%2BVO%2FpmtvJKd0dQQNLRXPzg6gK83C7g8b6ADO%2BwkE1zkBnerK3QNwUszK4iZ6lY9dmGhPHyPnDeNQ6wKZ3bwV%2BFTD9JrIxy00tcqyKM2UVttuFgFAi0IE0i7ruR18V9S4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd24c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 jquery.min.js Show response
joss.beritateladan.com/wp-includes/js/jquery/ 85 KB
31 KB 409ms
405ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"155ba-6564a37c-e43b24cd94fa0796;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74dLKQtoIGJ%2FuYN6LiyZ3jVbt5LiW3tEQXDDuMfuM%2BhMVMHkh0Hx%2BoSYXGUsHD4wgN2zTMyHCOVy0Qd61HyLfE3q0fYpYhkhS5i5GOLoCUod89ntrjb87eB0dz9nU%2Bd0EKSgI11sFVGUQk6CQKuRgdglZ0ps"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd34c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 jquery-migrate.min.js Show response
joss.beritateladan.com/wp-includes/js/jquery/ 13 KB
5 KB 286ms
282ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-6564a37c-88c0a038c0e0c01a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np6xSof9G2W9rLC9znW4VLEy6XKKFBOBpkSN4JL3f5md3zeC96oJAFSGxXTc4u0%2Fm2APusjULvk15JIRfh5oR0QE2yvfAAzYUK3oBN4y6h7KIU%2F%2FBOxId8UnMnurK%2BiOmXy33D3xlsbayD%2F1UdyxC8RKoyXt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd44c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 checkclicks.js Show response
joss.beritateladan.com/wp-content/plugins/cfmonitor/js/ 49 B
428 B 281ms
277ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/plugins/cfmonitor/js/checkclicks.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31-6564a37b-9c9246f9e8148a89;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wIp%2FsUzhvYBkfYs8fbfWoDehINPJDBasiChbL3bfXI939aR3Kk15iH1SdQ7M4ztvwmVZ6j0%2F6hQbRmsnjd8Q2EHNSrukROMQetXHJWum%2BJGFTJ2meA9Pm83piLiuArv7A0tGH8ZqqLzmE5bv2%2BDag3c9TlK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd54c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 updateclicks.js Show response
joss.beritateladan.com/wp-content/plugins/cfmonitor/js/ 52 B
370 B 284ms
280ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/plugins/cfmonitor/js/updateclicks.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34-6564a37b-c58b31699e75b0eb;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0QVfKjpUEb3xXInpuXmcgtSFa2UteZszBUKEDSeLkKnE1kl7BF2B8bsRIuRKnvtCvAYxKxcGSRQ1l7Dci0EiNMhD1WfzfOy4e3nf9j1uAU%2BbyB5e5FOIrmYlo%2B8Zp1WtEcP4MM%2B3XYlNZhr0rxKBJzj3YbA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd64c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 check_min.js Show response
joss.beritateladan.com/wp-content/plugins/cfmonitor/js/ 13 KB
5 KB 284ms
280ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/plugins/cfmonitor/js/check_min.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3514-6564a37b-f7712509c3158b68;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XG7IUyyH%2FNgOPfxinSC72VFhj2CMR%2BIG6rUiFkf%2BTN3Qi46c1o3R1LaVOomswgWKSzg4SDTwoG%2B9%2Bfmuh5mfX5Pw5al2yeJPJlMq%2B%2F5ES%2BEiDLUXewX5yoSgfpO7FCORvvCyqLuK0p8e%2FqiKZBYAovn4z24"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b3dd74c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 249ms
95ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8785953178876198

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e0bbace772badf11b3a7a5761a8dcf32d004ec772b97647b6e283542b1d0fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Origin: https://joss.beritateladan.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52626
x-xss-protection: 0
server: cafe
etag: 13606515825994523329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:02 GMT

GET
H2 200 kramas.me.1139861.js Show response
jsc.mgid.com/k/r/ 4 KB
2 KB 1039ms
341ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/k/r/kramas.me.1139861.js

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56243d22f1b2be3c072d409e94069db7cec07c48bec8cad948e2ea91cab9a07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:03 GMT
x-amz-version-id: iqNtM4Qe6LD.1AYiG4KY0fVuwgI_OUGv
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BZ3VZ367K8W8S607
cf-polished: origSize=3755
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dLC7+IIIp+3tCRcCeTawRtaXgisAItOP76c8IAeRBlmU2LTc37z/+yJy6EJlVsGa2zQp46U01n0=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 10:49:42 GMT
server: cloudflare
etag: W/"7089e789d85b78d99c1048bc7a4e2db9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e5c4141af33343-MIA
expires: Thu, 30 Nov 2023 23:16:03 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
joss.beritateladan.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 313ms
309ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1feb-6564a37b-7b31390be452810d;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOKrRm8SwOeM3Kvl05SuepBP6WhrTwr8yL0MNOYNHfWv1muED75ElOF4IyxvpT2Vtw%2FlF4R7oc4a6n3JfP4X1q7FjtT4Kifn0u7cT37SsjNZGyDxzN%2Ftib8TG8GoljsN3KL%2BRfcijbtplShlW1u8HYsmSdZ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e144c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 regenerator-runtime.min.js Show response
joss.beritateladan.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 307ms
303ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"19cf-6564a37b-573777bbe2cdd19;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbSb5Z3eNTrPCD5QCQuhSn2W59janAgQiTrmc9UzM10yCYDmWHAOznt4b9fCjKZIVh1whcM6qmbaO%2FmtlnUtX17WkDmqZU3DRjw8xNqjt27pPlaQg8NCDuIoNArEAjK6qkFQneG4H9weXTS8vMrpXzjpDxyz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e164c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 wp-polyfill.min.js Show response
joss.beritateladan.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 306ms
302ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3f12-6564a37b-5af22bac6fad5582;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE8biSM6Qp2MzBIdqUpSPs927faeUP3o6ScaXfH54UADVuRSTwMLVxqYzbSE7qi0SR%2BT%2BvJks1Hl11eNYFWsjfoCtM8R91Lt7YYdxeTVG6OdNFLkS5uPklFSDpPHgbY%2BYGtTVBuUllbHu3%2BOoFpJwMsNvmZs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e184c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:01 GMT

GET
H2 200 index.js Show response
joss.beritateladan.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 319ms
316ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"32bb-6564a37b-e9aaa66b61a9d423;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K6ASlnuY4B%2BX7OK9YPir2HBMLAI45AR%2BlwXseL%2B%2F9NA6m1nHS%2FA07ZWt%2BHaFIGqZknCK%2F3jR09Ov0jijzMY%2BEnxDlpvLGvdfprtfi%2FVCnZHftWQVR6k0Ym0t7hx%2BXj%2F2lvlFhmMKWIh%2FZLrbEdmwWzg8fQS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e194c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 superfish.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 7 KB
3 KB 315ms
312ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/superfish.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d7c-6564a37b-3fd0926dd53bdb3e;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awRHuBGrec9U%2BoNEgHkN3LD79sQJgVozWoO%2FCfhVa%2FrLo8K1X21aDHpBJZzedN5AX2ZSM0mQocvNIcXQadVlIUTEHrGNKjfkMkxeGFhoOK61ZgCvZDeh4wU5E45LiJQ7LMdefofToipKsqjkKkgnsyouUpZk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e1a4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 jquery.slicknav.min.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 8 KB
3 KB 314ms
311ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/jquery.slicknav.min.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20df-6564a37b-58c86abb5b886ef;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBh3dWTpITRRx3Kp43NmtT0UE1%2Bfg8PJhs6LE63JVEh9JqOzYGjQoRueMdwGJi9TqfPwiLKAosgYLwLKm4ZGhKSb7D22tTaIafejY6aFh4za11j0ZItVGEvMEjuDChhTvPDzQ3hRpUQ5AVnNkRrAXf8OvMLj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e1b4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 jquery.sticky.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 317ms
314ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/jquery.sticky.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2765-6564a37b-53f56a81dceaee2e;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNaxMLHu6FnzccSTEbO7GHBKiFBljAMNJrvQ1SbjG%2B%2FiCynpdki0kMN3rSgDjApB6eN6703XaE0m41KE559iXwjUPdbQDivSCI3C02cr2dGGL%2F1gHHMvnRFOzhh51aeumll9ET2WAaYjFbygqwIKDz%2Bg32Rh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e1c4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 modernizr.min.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 15 KB
7 KB 311ms
308ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/modernizr.min.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c36-6564a37b-6736b4b0d514e593;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BPAQlEYhToLandJv%2FovP23IVU6ONiM%2B6fmRh74XjoNQQG6UwJFpV%2BKFfTUGdCShQHTFslGmv3jnUc8YHmxo8WOJ%2BVCQ3O9cDWOivyFQ6mAG69J611wNTLuf%2B%2FB3NVc4u2cBpvB86BnCKUGaMNv2UMk8jQIJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e1e4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 html5.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 392ms
389ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/html5.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"285a-6564a37b-40d6351bc02abf1d;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEpJSAw9SM3yEgX1gZX9IpDm1XMur1tLbLYjQBqDg4cdjhMVawUoameidCbchcM475FsNjdErJSVrONiePHE3w0WHQMHQqMFYXP2K9dds0woWeGr6tLKHwgwbZYtlgXj78Yedsi88Q%2B2hu80JgkiauSz1qOe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e1f4c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 jquery.bxslider.min.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 66 KB
16 KB 434ms
432ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/jquery.bxslider.min.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"107e0-6564a37b-81ded22c089761fc;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYjbpyCGUJe%2FqMgLhc8DqCLHzjuB%2BFl8XPEabvTnq0GeuNzUcStkkKn4y8PHb%2BpBGxvLPuLvP0fIhVClGSBMXrF5E5TjBocRlkgtL3XyM5NZOncMrGOuBqiWeEwFVdW%2FvtrNJ2Oh8iF0zK83ejunaon%2Bu67g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e204c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 jquery.custom.js Show response
joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/ 4 KB
1 KB 321ms
319ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/assets/js/jquery.custom.js?ver=20171010
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1046-6564a37b-46856a607e03c945;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egknpLPOtXjOkR23ukYBvSIgCWZ5UZ6GtWfN0nGK%2F9no0c3J3k7jWqkjbLi%2Br%2BpdG8l%2BWiBPbWYZq6bnNV0K6cF4Ax3HHDcMNXIIKOwTR1TF58YEdXZvx9CjNqoi7af14A19Dp2CAaan3p8USYBIqY8%2BZiAv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40b6e214c0d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
BLOB 200
OK b616f9bf-3c5b-4894-acdf-13c6b9e3acef
https://joss.beritateladan.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://joss.beritateladan.com/b616f9bf-3c5b-4894-acdf-13c6b9e3acef
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 genericons.css
joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/genericons/ 28 KB
16 KB 404ms
404ms Stylesheet
text/css 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6e6a-6564a37b-aa856210a8f274ea;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeE354Mp6Tr0Y1wr%2B%2BVfERpmdRylFa3W3B3KFGWgyjyAgt8q%2BuBPggT%2Bd%2Fzmfww6ZJsro2EiDQFw8ReqbJY%2BRThTSkodHYaw0%2BntlYanK%2FVtqRNDu5p3CybLcDHCnpiM1Yt3YQrpGMCICYErn0NlX6sHDNCK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c40cfbc6746b-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 737ms
64ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://joss.beritateladan.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:41:58 GMT
x-content-type-options: nosniff
age: 27245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:41:58 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://joss.beritateladan.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 752ms
80ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://joss.beritateladan.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:30:22 GMT
x-content-type-options: nosniff
age: 20741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:30:22 GMT

GET
H3 200 wp-emoji-release.min.js Show response
joss.beritateladan.com/wp-includes/js/ 18 KB
5 KB 282ms
282ms Script
application/javascript 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joss.beritateladan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 14:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-6564a37c-fcf06e5590994ffe;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFbUlwdQaUHT4eFHiRE2MMkUDJ2YcLHd3ip0XUJUOc%2B3hgFLhjGZ%2BhFMH%2FwSQKLaEUZhow3PW1fr3c21JY1xjOv7cFASjyQyx%2B6B8Wnt6FcsVaShzLfAp9TpGDzkDFTS%2F4b3NlUMq32p6qlxQe56vTVK2Nlf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5c4100b1b746b-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:16:02 GMT

POST
H3 200 admin-ajax.php Show response
joss.beritateladan.com/wp-admin/ 35 B
637 B 660ms
660ms XHR
application/json 2606:4700:3037::ac43:c465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joss.beritateladan.com/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=e5387c2b5d

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:c465 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://joss.beritateladan.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: https://joss.beritateladan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXG%2FpshDBtGdqj0icZ7PC6yFIGBjardFlqwZoE8WAmhhwQU6Yx9cNmxIU0a8ur3rVZQH06b49innO8rm8aFXjSDQAjUCRerSdgRUips9TR9vwunOZ1cZTRWUVxTxmhw2zyk4rPqqqCO6yW1WUrCFDQe7S059"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 82e5c4101b2c746b-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 245ms
115ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8785953178876198

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137246
x-xss-protection: 0
server: cafe
etag: 2845442418029844221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 55C5 9 KB
4 KB 194ms
63ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8785953178876198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:42:22 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 19:42:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EF2 337 KB
60 KB 662ms
592ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&adk=1812271804&adf=3025194257&lmt=1701375363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362595&bpp=4&bdt=829&idt=627&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5184623094903&frm=20&pv=2&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f514eb6265c2b30af18fd7e0000d8756cde6132086f76ddff36b791396f38be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61133
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:03 GMT
expires: Thu, 30 Nov 2023 20:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 402A 130 KB
43 KB 782ms
724ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&h=600&slotname=1184734940&adk=4218033469&adf=436554144&pi=t.ma~as.1184734940&w=260&fwrn=4&fwrnh=100&lmt=1701375363&rafmt=1&format=260x600&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362599&bpp=2&bdt=833&idt=656&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5184623094903&frm=20&pv=1&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d3198da5716de5a053805b9f27ad71db1725e21692ecf7869e61767d1260dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:04 GMT
expires: Thu, 30 Nov 2023 20:16:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kramas.me.1139861.es6.js Show response
jsc.mgid.com/k/r/ 316 KB
95 KB 572ms
384ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/k/r/kramas.me.1139861.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/r/kramas.me.1139861.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e74e9a2b5b5d433b142303983a178310affd05d4fda8d2c9f45e5bbcd4d46bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://joss.beritateladan.com/
Origin: https://joss.beritateladan.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
x-amz-version-id: KFidkhjA53LSy8x12._UtG8AIs9gNvS.
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GSRPHQF1J1FR5EXR
cf-polished: origSize=323921
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2RNiq0EFA7wO5j1IfTilvdg7p0M9gBJL4DRn5DoGLaZqljhAJeIaTqovLoAAbLB1t+iAmWrjgzg=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 10:49:42 GMT
server: cloudflare
etag: W/"5dcf8d0901360c11915b052ac4e0daa8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e5c4176f6574a4-MIA
expires: Thu, 30 Nov 2023 23:16:04 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 96ms
95ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1c5f7e9c4188e6bff758f119fa711f6f3bd6507f20141e63da6242001afcbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55836
x-xss-protection: 0
server: cafe
etag: 1385076470634525398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 402A 9 KB
4 KB 203ms
64ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&h=600&slotname=1184734940&adk=4218033469&adf=436554144&pi=t.ma~as.1184734940&w=260&fwrn=4&fwrnh=100&lmt=1701375363&rafmt=1&format=260x600&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362599&bpp=2&bdt=833&idt=656&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5184623094903&frm=20&pv=1&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 20:12:37 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 402A 11 KB
5 KB 205ms
66ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 02:14:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 402A 14 KB
1 KB 82ms
80ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 18:27:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 402A 2 KB
857 B 102ms
101ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 402A 24 KB
9 KB 102ms
101ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 402A 3 KB
1 KB 113ms
112ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 402A 20 KB
9 KB 205ms
70ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 402A 202 KB
64 KB 198ms
64ms Script
text/javascript 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 402A 37 KB
15 KB 96ms
96ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame DD58 9 KB
4 KB 70ms
68ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:43:04 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 19:43:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 92DF 9 KB
4 KB 68ms
65ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:43:04 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 19:43:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK a3f0d56c-cf85-4fd8-8674-e387f0a0c67d
https://joss.beritateladan.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://joss.beritateladan.com/a3f0d56c-cf85-4fd8-8674-e387f0a0c67d
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 27b94a8e-d371-4381-bba4-7fd03def8955
https://joss.beritateladan.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://joss.beritateladan.com/27b94a8e-d371-4381-bba4-7fd03def8955
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 133ms
93ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fjoss.beritateladan.com%2F&cbuster=1701375364226220493221&pvid=18c21dfcc81a37effe7&implVersion=11&cxurl=https%3A%2F%2Fjoss.beritateladan.com%2F&site=714849&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e5c41ace293343-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame DD58 9 KB
4 KB 72ms
70ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 20:12:37 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame DD58 11 KB
5 KB 65ms
64ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 02:14:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DD58 14 KB
1 KB 88ms
84ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 18:31:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DD58 2 KB
903 B 84ms
79ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame DD58 24 KB
9 KB 85ms
80ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DD58 3 KB
1 KB 85ms
80ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DD58 20 KB
8 KB 71ms
66ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD58 202 KB
64 KB 111ms
107ms Script
text/javascript 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame DD58 37 KB
15 KB 69ms
67ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 92DF 9 KB
4 KB 78ms
77ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 20:12:37 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 92DF 11 KB
5 KB 83ms
83ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 02:14:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 92DF 14 KB
1 KB 139ms
137ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 18:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 92DF 2 KB
857 B 110ms
107ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 92DF 24 KB
9 KB 67ms
65ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 92DF 3 KB
1 KB 106ms
104ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 92DF 20 KB
8 KB 77ms
75ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92DF 202 KB
64 KB 142ms
141ms Script
text/javascript 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:16:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 92DF 37 KB
15 KB 71ms
70ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5412030101103863658/ Frame 402A 3 KB
4 KB 123ms
122ms Image
image/png 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5412030101103863658/14763004658117789537?w=300&h=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543f77ff832a065906d5ae777dc9e05d7cf79cc9c0551f42360999becdefe75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3241
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 13:37:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 20:16:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F1C9 143 B
166 B 66ms
64ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785953178876198&output=html&h=600&slotname=1184734940&adk=4218033469&adf=436554144&pi=t.ma~as.1184734940&w=260&fwrn=4&fwrnh=100&lmt=1701375363&rafmt=1&format=260x600&url=https%3A%2F%2Fjoss.beritateladan.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701375362599&bpp=2&bdt=833&idt=656&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5184623094903&frm=20&pv=1&ga_vid=736778157.1701375363&ga_sid=1701375363&ga_hid=477463784&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=1470326798989042&tmod=102716753&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=662
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:37:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 402A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 676a0ac7c008db368583234673ac567f7db868fe86951375de1a85a1f05beeab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0BA2 143 B
166 B 66ms
64ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:37:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEB9 143 B
166 B 64ms
64ms Document
text/html 2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:37:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 402A 33 KB
33 KB 66ms
64ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:56:05 GMT
x-content-type-options: nosniff
age: 26399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:56:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F1C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

174ms
173ms

Document
text/html

2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:05 GMT
expires: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0BA2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

174ms
173ms

Document
text/html

2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:05 GMT
expires: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4993217691887194574/ Frame 92DF 40 KB
40 KB 68ms
67ms Image
image/png 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4993217691887194574/14763004658117789537?w=300&h=300

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da4cebe7fea6018c545e0192fe99970b115a653c44f97ab78cfad44de4ba204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:31:24 GMT
x-content-type-options: nosniff
age: 20680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40741
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 14:31:24 GMT

GET
DATA 200
OK truncated
/ Frame 92DF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74853a636fc6d2449396074707a164e4b53512dea492ede7ebf1f024af65b5be

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 92DF 33 KB
33 KB 65ms
65ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:56:05 GMT
x-content-type-options: nosniff
age: 26399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:56:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

163ms
162ms

Document
text/html

2607:f8b0:4023:1407::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:05 GMT
expires: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ED2 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d7098ab562f6a8e560f71f15aa554c42cb78db4da707c87c3fbd91e158708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15280
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 11:02:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 92DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C76yEg-1oZcH8FsuG3rsPhZC6OOuC2JB0__v8oJ8R2tkeEAEgm5LOhAFgyYaAgNyjxBCgAfOP-6kpyAEBqQLOrsnOhk6yPqgDAcgDywSqBNUBT9CPKq9epeG1ZB26QFjnSFpf8FTgZOt9cpl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9...

0
0

543ms
415ms

Fetch
text/css

142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9181620a4b70000000000000000%22,%224%22:%220x7c13b20a3d6ad83e0000000000000000%22,%225%22:%220xde1036d6a1a5a0dc0000000000000000%22},%22debug_key%22:%222451153743947656031%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221931070780030158897%22}&andc=true

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd93e286f716f33840000000000000000","2":"0x9ceaf32c54de382f0000000000000000","3":"0xda6dd9181620a4b70000000000000000","4":"0x7c13b20a3d6ad83e0000000000000000","5":"0xde1036d6a1a5a0dc0000000000000000"},"debug_key":"2451153743947656031","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"1931070780030158897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 20:16:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 20:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd93e286f716f33840000000000000000","2":"0x9ceaf32c54de382f0000000000000000","3":"0xda6dd9181620a4b70000000000000000","4":"0x7c13b20a3d6ad83e0000000000000000","5":"0xde1036d6a1a5a0dc0000000000000000"},"debug_key":"2451153743947656031","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"1931070780030158897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
BLOB 206
Partial Content b41094ee-2a1c-479c-8bd5-6f18bea26975
https://joss.beritateladan.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://joss.beritateladan.com/b41094ee-2a1c-479c-8bd5-6f18bea26975
Requested by: Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 68ms
46ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FT3B2YNDBGENVSWC
age: 5614
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5c41e5b983343-MIA
expires: Fri, 01 Dec 2023 20:16:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
815 B 69ms
47ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 3796
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5c41e5b943343-MIA
expires: Fri, 01 Dec 2023 20:16:04 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1139861/ 87 B
156 B 109ms
74ms Script
application/x-javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1139861/1?mp4=1&ap=1&w=260&h=1014&sz=257x227&szp=1,2,3,4&szl=1;2;3;4&cols=1&sessionId=6568ed85-17e4a&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fjoss.beritateladan.com%2F&cbuster=1701375364866726543759&pvid=18c21dfcc81a37effe7&implVersion=11&cxurl=https%3A%2F%2Fjoss.beritateladan.com%2F&scum=%3F0&scuw=%3F0&uniqId=05f87&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=3102

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/r/kramas.me.1139861.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 82e5c41ecc3f3343-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 265ms
111ms Preflight
text/html 142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 402A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckcj5g-1oZa_cG6D7vPIP7pC2gAOOkLrFdPbBzNi4EZ7SwKHvOhABIJuSzoQBYMmGgIDco8QQoAGLtpPzAsgBAakC4WyYmvT4eD6oAwHIA8sEqgTWAU_QqBtCCHYy6iHRCBPOj1cyUKsf2_W...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44cf6c33d89a460e0000000000000000%22,%222%22:%220xe16968acda553f6c0000000000000000%22,%223%22:%220x701d64...

0
0

240ms
239ms

Fetch
text/css

142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44cf6c33d89a460e0000000000000000%22,%222%22:%220xe16968acda553f6c0000000000000000%22,%223%22:%220x701d64671983340d0000000000000000%22,%224%22:%220x7d965d9d588fc3a60000000000000000%22,%225%22:%220x7265c7a5c6cf12a10000000000000000%22},%22debug_key%22:%2217210602266075395820%22,%22debug_reporting%22:true,%22destination%22:%22https://zapmeta.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22778361611%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22120321143532832433%22}&andc=true

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x44cf6c33d89a460e0000000000000000","2":"0xe16968acda553f6c0000000000000000","3":"0x701d64671983340d0000000000000000","4":"0x7d965d9d588fc3a60000000000000000","5":"0x7265c7a5c6cf12a10000000000000000"},"debug_key":"17210602266075395820","debug_reporting":true,"destination":"https://zapmeta.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["778361611"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"120321143532832433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 20:16:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44cf6c33d89a460e0000000000000000","2":"0xe16968acda553f6c0000000000000000","3":"0x701d64671983340d0000000000000000","4":"0x7d965d9d588fc3a60000000000000000","5":"0x7265c7a5c6cf12a10000000000000000"},"debug_key":"17210602266075395820","debug_reporting":true,"destination":"https://zapmeta.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["778361611"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"120321143532832433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BD0 50 KB
19 KB 66ms
65ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 22:53:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4993217691887194574/ Frame DD58 40 KB
40 KB 67ms
66ms Image
image/png 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4993217691887194574/14763004658117789537?w=300&h=300

Requested by

Host: joss.beritateladan.com
URL: https://joss.beritateladan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da4cebe7fea6018c545e0192fe99970b115a653c44f97ab78cfad44de4ba204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:31:24 GMT
x-content-type-options: nosniff
age: 20681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40741
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 14:31:24 GMT

GET
DATA 200
OK truncated
/ Frame DD58 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13996f1367d8e7a5075c0e9a9e417596aa0e604964a9edb36c2e0273027fdcc1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DD58 33 KB
33 KB 64ms
64ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:56:05 GMT
x-content-type-options: nosniff
age: 26400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:56:05 GMT

GET
H3 200 F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js Show response
pagead2.googlesyndication.com/bg/ Frame A296 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F9cJirVi9qjlYPcfFapVTELLeNtNpwfIfD-9keFYcI8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d7098ab562f6a8e560f71f15aa554c42cb78db4da707c87c3fbd91e158708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15280
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 11:02:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DD58
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnQeog-1oZcD8FsuG3rsPhZC6OOuC2JB0__v8oJ8R2tkeEAEgm5LOhAFgyYaAgNyjxBCgAfOP-6kpyAEBqQLOrsnOhk6yPqgDAcgDywSqBNIBT9ARxCX6SSwZTOi-xWgGCOFMBaFjX0Juce8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9...

0
0

145ms
143ms

Fetch
text/css

142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9181620a4b70000000000000000%22,%224%22:%220x7c13b20a3d6ad83e0000000000000000%22,%225%22:%220xde1036d6a1a5a0dc0000000000000000%22},%22debug_key%22:%223335548740785337651%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227299913763434873729%22}&andc=true

Protocol

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd93e286f716f33840000000000000000","2":"0x9ceaf32c54de382f0000000000000000","3":"0xda6dd9181620a4b70000000000000000","4":"0x7c13b20a3d6ad83e0000000000000000","5":"0xde1036d6a1a5a0dc0000000000000000"},"debug_key":"3335548740785337651","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"7299913763434873729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 20:16:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd93e286f716f33840000000000000000","2":"0x9ceaf32c54de382f0000000000000000","3":"0xda6dd9181620a4b70000000000000000","4":"0x7c13b20a3d6ad83e0000000000000000","5":"0xde1036d6a1a5a0dc0000000000000000"},"debug_key":"3335548740785337651","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"7299913763434873729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 145ms
143ms Preflight
text/html 142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
90ms XHR
application/json 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd6441fa789dfa74ffbfc6b0b8880199801466be43075f9d20b3f6dcd4ce7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12226
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 351ms
350ms Preflight
text/html 142.250.123.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd93e286f716f33840000000000000000%22,%222%22:%220x9ceaf32c54de382f0000000000000000%22,%223%22:%220xda6dd9181620a4b70000000000000000%22,%224%22:%220x7c13b20a3d6ad83e0000000000000000%22,%225%22:%220xde1036d6a1a5a0dc0000000000000000%22},%22debug_key%22:%223335548740785337651%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227299913763434873729%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.123.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:16:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
67ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 20:16:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4913 13 KB
5 KB 69ms
66ms Document
text/html 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 551896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 10:57:49 GMT
expires: Sat, 23 Nov 2024 10:57:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F271 829 B
998 B 199ms
198ms Document
text/html 2607:f8b0:4023:1404::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::69 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ecd912af64670e072132259d65311cc9d8427b39402ad57bde7307a358b699a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-grULqGszlImiQVgaK8jDIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://joss.beritateladan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-grULqGszlImiQVgaK8jDIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:16:05 GMT
expires: Thu, 30 Nov 2023 20:16:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4913 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:01:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92DF 42 B
64 B 123ms
121ms Fetch
image/gif 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRDAWz79u1j3MS0Yq0BXBfQXzuF3s-XJ0umeAP6Ciwbc_N7tcqD3qdTdsWVsEfPvANu1AHDbqYs8PDocdl8FE4Pks7sGZD7oC7rgT9_YR_eFBoklQ0Yhvgm33EfpeeAtn-0JI5zYvoNA&sai=AMfl-YS7OWD9euD_AMATJPac4n_mtqoNP-m4Lz-KRyP7X5dzIa4YXe5w8HGiLKdAfVFuMqUBN0EbkbqIazxd_ZMHwwC32RdhijI&sig=Cg0ArKJSzHPKrlX-MfwGEAE&cid=CAQSGwDICaaNyY16QRPwBQm_QVAAYc2vYQt_RPbedxgB&id=lidar2&mcvt=1006&p=0,0,600,200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701375364162&rpt=484&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F271 0
0 118ms
117ms Image
text/html 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1470326798989042&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4913 0
10 B 65ms
65ms Image
text/plain 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lV4NaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:16:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 402A 42 B
64 B 125ms
125ms Fetch
image/gif 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumJIP-oquF676ig97BlLHwx80_bOe6l3Hm6grILHm4BG0hrfCtj0NP5XJRFnRB4doCJGU__FA5oG93Drrc5mShffCKc_Lh5CMBBfz9JzIFYGSHy-yuFnVA_i3XEOzukCrPCDk21idoMg&sai=AMfl-YQx3Nr9EdhzCkTD5fBXW6iTCxtgz0D9tTpS5HXH7DBCj2U6Rkwg9iowcX0m3bcigRKDn56r28H801HcbX3sm61kxStrMYg&sig=Cg0ArKJSzIs9l9l1TrkvEAE&cid=CAQSGwDICaaNDKNCB-wNKBzj4ZxGjUuq2YNk4SDg0xgB&id=lidar2&mcvt=1000&p=0,0,600,260&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4218033469&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701375363263&rpt=1876&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD58 42 B
64 B 121ms
121ms Fetch
image/gif 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgA4erXTbZ9cQrbX4WHN1jOg7uxS8-h_dd_uQZpbN7-r5DQxY-h4jy_iIZQ8GwjspxvdHeJniGfBV3UXKZUYE4nDm_XZo_gbHH5ODFE_IR9_UdWOKFfb93VdXdj8Vh-bXXnON5Z4pR2A&sai=AMfl-YTbngmdD1x-oJf25c2oeLtrb6kLhdJeFtkff2Drgd-CJ52FUY0Y402Ydqw573Bqy-i4k6yHaq3UM_MTzScRZVRoyzMB1nc&sig=Cg0ArKJSzP-o4u3TlcYSEAE&cid=CAQSGwDICaaNyY16QRPwBQm_QVAAYc2vYQt_RPbedxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701375364160&rpt=1008&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
119ms Image
text/html 2607:f8b0:4023:1413::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1470326798989042&bg=!VValVhnNAAY3kmNgF5I7ADQBe5WfON4ubOd8GeQ7TdriLpXX6rEOviJw8g-wRWlUMomL7Kq2hvyO_U5UQyThlkGk4NwIAgAAAH5SAAAABGgBB5kCyT6c43Vet065F9LeRElaKHeU_7smZTyMgRlN2ZOJQ0EUg-P1E1ImoLmackMSH2XtxKWFXDEhx2Gls2YBaWjs3B3D5U9QXvlD5K8wCwKB83Bp4ZGWY1xtGzD1PFFCP28KWcr8vUqOw91rZZfiHGsYmriOm5viFHtWI5Ni2tEqNg0r5P29vo-vf91eHQ2eg84PexZve3wYvrdM9THkiMYc-r-kEeV2Eb77bSYnJsjECxVgGy8BV9ve3nwekYJ0DkAhUz30EGpB37iMSgzILWZSZ377ZHh4jLEhrYIBdWIbSmoUsGKeAiAPUefj1FOIOyLsEZvAcoYA5hzOTt2zfh-KHdp5IWizlor3bQi9gjkJUZ_fQlK0lojds1tQA-ITbddtSac5RaSVfNAKXrA9Y6vykUGAJ9jxHazlzVJ6hgE0E1zZ-ia1qZwQn9xzx-FEP1nRHv28H3sgrYHL-qrJovI38vWWEpQ--9_l-3CwySMGG8hKxgnCkuanwIDpAJOtoIN6CDGYoICiJ57LiUBeHNAm6azRhkplOY5xgALVlrUSR9VAckM4WZnofmhxF2DijPqdBJC29fwCnxcj47V3wlgft_LHTAw9fFJmJFDqvtpn3AhcisWcBkiGRr9sTe73WYzoK4myMGQ-6k3m-pyXgAVZbd-j7frkVj9oDaKiV3vfCKeiol6bMha6iX5k31ZAdeMBgCtqxKB-fW5ve4bR6adAk4IsPSuJZmoqgxZYziL4__p3-OJC8VNOc6aFhUVKIS2BTemS4GmGN1-YgBrSc6X8xd3GtufhWrB4yiXr7ac_wWhGBDCJ0edW3GT94ctUmB1Fs9zscnUrEMK5dpn06ApKMQCIyf-V-oDIOX9j1s8uWW4wTLoFDnuR-Pg9s_YH4XnMpnhJEL1ebQOpbSQYv4Dx1zIHTzpyHsCWgwHMvWfnCKVdMorfI5M-RbqZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:1413::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://joss.beritateladan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:36:17	Name: __cf_bm Value: oWUhWwYknHPdPtquZXfGbd9NJEyB7_Z7TZdL.iIKnfY-1701375363-0-AYexlrkw25/TW9NdFaADvNYAMUf/Uqz6qesd+5dOuIRPNM0G4BUa/IQGvRgKBvU3cNO+Ikg4g9sNbDS5c50gaic=
joss.beritateladan.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1139861%22%3A%7B%22page%22%3A1%7D%7D
.doubleclick.net/	1970-01-21 02:12:15	Name: IDE Value: AHWqTUl0D2F1gWFEeSMfgFJPE5-GgRVWm2HOJECeTwyZvbX6j1V0UQswujm3YjSdgLo
.doubleclick.net/	1970-01-20 16:36:18	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:45:51	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
cdn.mgid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
joss.beritateladan.com
jsc.mgid.com
pagead2.googlesyndication.com
servicer.mgid.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.123.156
2606:4700:1::6813:824c
2606:4700:3037::ac43:c465
2607:f8b0:4023:1402::5f
2607:f8b0:4023:1404::5e
2607:f8b0:4023:1404::69
2607:f8b0:4023:1404::9b
2607:f8b0:4023:1407::9c
2607:f8b0:4023:140f::5e
2607:f8b0:4023:1413::84
2607:f8b0:4023:1413::9b
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13996f1367d8e7a5075c0e9a9e417596aa0e604964a9edb36c2e0273027fdcc1
17d7098ab562f6a8e560f71f15aa554c42cb78db4da707c87c3fbd91e158708f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e0bbace772badf11b3a7a5761a8dcf32d004ec772b97647b6e283542b1d0fd7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
543f77ff832a065906d5ae777dc9e05d7cf79cc9c0551f42360999becdefe75d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56243d22f1b2be3c072d409e94069db7cec07c48bec8cad948e2ea91cab9a07e
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ecd912af64670e072132259d65311cc9d8427b39402ad57bde7307a358b699a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
676a0ac7c008db368583234673ac567f7db868fe86951375de1a85a1f05beeab
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6da4cebe7fea6018c545e0192fe99970b115a653c44f97ab78cfad44de4ba204
6f514eb6265c2b30af18fd7e0000d8756cde6132086f76ddff36b791396f38be
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
74853a636fc6d2449396074707a164e4b53512dea492ede7ebf1f024af65b5be
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
8dd6441fa789dfa74ffbfc6b0b8880199801466be43075f9d20b3f6dcd4ce7c8
94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7
9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680
9e2980f5f219d2d96dee452a464a6b5b2ffd71d5c353bb92a6b29f34d7fe21d8
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b3d3198da5716de5a053805b9f27ad71db1725e21692ecf7869e61767d1260dd
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c1c5f7e9c4188e6bff758f119fa711f6f3bd6507f20141e63da6242001afcbcf
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0
e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74e9a2b5b5d433b142303983a178310affd05d4fda8d2c9f45e5bbcd4d46bde
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

joss.beritateladan.com Open in urlscan Pro 2606:4700:3037::ac43:c465 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

93 %HTTPS

91 %IPv6

9 Domains

14 Subdomains

12 IPs

1 Countries

1252 kBTransfer

3454 kBSize

5 Cookies

0 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

joss.beritateladan.com Open in urlscan Pro
2606:4700:3037::ac43:c465 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

93 %
HTTPS

91 %
IPv6

9
Domains

14
Subdomains

12
IPs

1
Countries

1252 kB
Transfer

3454 kB
Size

5
Cookies

105 HTTP transactions
4 data transactions