urlscan.io logo urlscan.io
SecurityTrails logo

villagerspost.com Open in urlscan Pro
103.145.226.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.villagerspost.com/
Effective URL: https://villagerspost.com/
Submission: On September 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 88 HTTP transactions. The main IP is 103.145.226.75, located in Indonesia and belongs to IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID. The main domain is villagerspost.com.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.
This is the only time villagerspost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 103.145.226.75 139456 (IDNIC-NSR...)
2 3 142.250.110.103 15169 (GOOGLE)
1 2 74.125.133.102 15169 (GOOGLE)
7 66.102.1.154 15169 (GOOGLE)
3 64.233.167.95 15169 (GOOGLE)
1 151.101.113.229 54113 (FASTLY)
7 173.194.76.156 15169 (GOOGLE)
2 108.177.15.94 15169 (GOOGLE)
11 136.243.84.74 24940 (HETZNER-AS)
2 157.240.20.19 32934 (FACEBOOK)
1 1 23.108.102.15 59253 (LEASEWEB-...)
1 23.108.102.25 59253 (LEASEWEB-...)
1 108.177.15.155 15169 (GOOGLE)
1 64.233.184.154 15169 (GOOGLE)
2 108.177.15.156 15169 (GOOGLE)
2 172.253.120.156 15169 (GOOGLE)
3 142.250.74.131 15169 (GOOGLE)
7 74.125.133.132 15169 (GOOGLE)
88 17
37    103.145.226.75 (Indonesia)

ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID)
PTR: dci02.dewaweb.com
www.villagerspost.com
villagerspost.com
3    142.250.110.103 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f103.1e100.net
www.google.com
2    74.125.133.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f102.1e100.net
cse.google.com
7    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
pagead2.googlesyndication.com
3    64.233.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f95.1e100.net
fonts.googleapis.com
1    151.101.113.229 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.de
2    108.177.15.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f94.1e100.net
fonts.gstatic.com
11    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
recreativ.ru
st11.rcvlink.com
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    23.108.102.15 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
code.beaverads.com
1    23.108.102.25 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
code.macaw.is
1    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
partner.googleadservices.com
1    64.233.184.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f154.1e100.net
adservice.google.de
2    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
adservice.google.com
2    172.253.120.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f156.1e100.net
www.googletagservices.com
3    142.250.74.131 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f3.1e100.net
www.gstatic.com
7    74.125.133.132 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f132.1e100.net
tpc.googlesyndication.com
Domain Requested by
36 villagerspost.com villagerspost.com
cdn.jsdelivr.net
8 go.rcvlink.com villagerspost.com
go.rcvlink.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com villagerspost.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com villagerspost.com
googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
2 st11.rcvlink.com villagerspost.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 connect.facebook.net villagerspost.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 cse.google.com 1 redirects villagerspost.com
1 recreativ.ru go.rcvlink.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.macaw.is villagerspost.com
1 code.beaverads.com 1 redirects
1 cdn.jsdelivr.net villagerspost.com
1 www.villagerspost.com 1 redirects
88 21

This site contains no links.

Subject Issuer Validity Valid
villagerspost.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
rcvlink.com
R3		 2021-07-10 -
2021-10-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-21 -
2021-09-19		 3 months crt.sh
macaw.is
R3		 2021-08-09 -
2021-11-07		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://villagerspost.com/
Frame ID: 92DDCDACFC7BC51064ADE515DC5B889B
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 0464CC59712FE60F22FBA78EEBE7FE16
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: EE2E3E3892977F1609F69B39E4BD27FA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892899234161583&output=html&adk=318159125&adf=2184669829&lmt=1631362750&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvillagerspost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750452&bpp=265&bdt=384&idt=381&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1709608261895&frm=20&pv=2&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=394
Frame ID: 0FF3A7921E30A0A6648D7928CF306172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892899234161583&output=html&h=100&slotname=4449784704&adk=444056458&adf=178921216&pi=t.ma~as.4449784704&w=320&lmt=1631362750&psa=0&format=320x100&url=https%3A%2F%2Fvillagerspost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750717&bpp=8&bdt=650&idt=139&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1709608261895&frm=20&pv=1&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=960&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bkI2o0g8AZ&p=https%3A//villagerspost.com&dtd=143
Frame ID: 2AF208E83FC6965F33228979F9800444
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 1AF71F7A0F8DF5BF250D3422E375799D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 57D36038621F0F75A39B6DBA55F77C22
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1EC3C20DCEF8B7C480F3EAE5812DC461
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 983E080058E2D57CFB9149F248B0A7CE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 55A8D366AF70CAF1325ECDB948F4E81A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5B0DE44D6C08507EB835E53907B51E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Villagerspost.com – Suara Kedaulatan Pangan

Page URL History Show full URLs

  1. https://www.villagerspost.com/ HTTP 301
    https://villagerspost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

88
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

17
IPs

4
Countries

1025 kB
Transfer

2121 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.villagerspost.com/ HTTP 301
    https://villagerspost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.google.com/cse/api/partner-pub-3108287188613731/cse/6811011404/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render HTTP 301
  • https://cse.google.com/cse/api/partner-pub-3108287188613731/cse/6811011404/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render HTTP 301
  • https://cse.google.com/api/partner-pub-3108287188613731:6811011404/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
Request Chain 43
  • https://code.beaverads.com/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955 HTTP 301
  • https://code.macaw.is/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955
Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
villagerspost.com/
Redirect Chain
  • https://www.villagerspost.com/
  • https://villagerspost.com/
41 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed / PHP/7.4.23
Resource Hash
8f384483a389b115d48eaba28546f4cdbe3c92693667a3adc5e410869a530292
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
villagerspost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.4.23
content-type
text/html; charset=UTF-8
link
<https://villagerspost.com/wp-json/>; rel="https://api.w.org/"
content-encoding
br
vary
Accept-Encoding
date
Sat, 11 Sep 2021 12:19:09 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff

Redirect headers

x-powered-by
PHP/7.4.23
content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://villagerspost.com/
content-length
0
date
Sat, 11 Sep 2021 12:19:09 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
popularqueryjs
cse.google.com/api/partner-pub-3108287188613731:6811011404/
Redirect Chain
  • https://www.google.com/cse/api/partner-pub-3108287188613731/cse/6811011404/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
  • https://cse.google.com/cse/api/partner-pub-3108287188613731/cse/6811011404/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
  • https://cse.google.com/api/partner-pub-3108287188613731:6811011404/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
142 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/api/partner-pub-3108287188613731:6811011404/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f102.1e100.net
Software
pfe /
Resource Hash
35a7adc47f0b28a490bc9d574f5f9524646375f0f3a2b914ae26f91be6c5e62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:19:10 GMT

Redirect headers

date
Sat, 11 Sep 2021 12:19:10 GMT
x-content-type-options
nosniff
server
pfe
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://cse.google.com/api/partner-pub-3108287188613731:6811011404/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
cache-control
private, max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
374
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:19:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
80483feff728291a90a99ce906d700a39ef3e99919ff73cfa83211210732b84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49470
x-xss-protection
0
server
cafe
etag
15544375926243865214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 12:19:10 GMT
style.min.css
villagerspost.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 30 Apr 2021 05:47:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
8822
expires
Sat, 18 Sep 2021 12:19:10 GMT
theme.min.css
villagerspost.com/wp-includes/css/dist/block-library/ 		3 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
700
expires
Sat, 18 Sep 2021 12:19:10 GMT
style.css
villagerspost.com/wp-content/themes/point/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-content/themes/point/style.css?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
6317dc687a16b0b9aad813b90abdc8d4b010fd01e02f44876131ba3b22bb06d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/point/style.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:25:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
12780
expires
Sat, 18 Sep 2021 12:19:10 GMT
css
fonts.googleapis.com/ 		754 B
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&subset=latin-ext
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f95.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 11:07:54 GMT
server
ESF
date
Sat, 11 Sep 2021 12:19:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 12:19:10 GMT
jquery.min.js
villagerspost.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
31983
expires
Sat, 18 Sep 2021 12:19:10 GMT
jquery-migrate.min.js
villagerspost.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
4285
expires
Sat, 18 Sep 2021 12:19:10 GMT
customscripts.js
villagerspost.com/wp-content/themes/point/js/ 		3 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-content/themes/point/js/customscripts.js?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
3a02ffcb276857c2187c221e749f612aa94e493061292cb938a693e0a2bc1a9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/point/js/customscripts.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:25:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
937
expires
Sat, 18 Sep 2021 12:19:10 GMT
logo1.png
villagerspost.com/wp-content/uploads/2015/06/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2015/06/logo1.png
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
b91440337ba5073a5c85f0115440ab0fbb01b4b2e3e18cdd165ccf6102e1b0db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2015/06/logo1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2015 14:45:46 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
75182
expires
Sat, 18 Sep 2021 12:19:10 GMT
dashicons.min.css
villagerspost.com/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/css/dashicons.min.css?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 30 Apr 2021 05:47:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
35200
expires
Sat, 18 Sep 2021 12:19:10 GMT
thickbox.css
villagerspost.com/wp-includes/js/thickbox/ 		3 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/thickbox/thickbox.css?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/thickbox/thickbox.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
918
expires
Sat, 18 Sep 2021 12:19:10 GMT
wp-slimstat.min.js
cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d9a556c830024a4105d859c0a1824c5ecfcb2741e3602ed04fa2789f15576a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6709439
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
12971
etag
W/"9528-ibunHRgV3PlNaAz6vnmPhMZzQGk"
x-served-by
cache-fra19182-FRA, cache-hhn4055-HHN
date
Sat, 11 Sep 2021 12:19:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
wp-embed.min.js
villagerspost.com/wp-includes/js/ 		1 KB
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
708
expires
Sat, 18 Sep 2021 12:19:10 GMT
thickbox.js
villagerspost.com/wp-includes/js/thickbox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
4059
expires
Sat, 18 Sep 2021 12:19:10 GMT
wp-emoji-release.min.js
villagerspost.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:24:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
4548
expires
Sat, 18 Sep 2021 12:19:10 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95416
x-xss-protection
0
server
cafe
etag
8941794579414213630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 12:19:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 0464 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 10 Sep 2021 14:11:21 GMT
expires
Fri, 24 Sep 2021 14:11:21 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
79669
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f94.1e100.net
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://villagerspost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 22:08:20 GMT
x-content-type-options
nosniff
age
137450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 22:08:20 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f94.1e100.net
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://villagerspost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:01:49 GMT
x-content-type-options
nosniff
age
51441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 22:01:49 GMT
point.woff
villagerspost.com/wp-content/themes/point/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-content/themes/point/fonts/point.woff?29400515
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/wp-content/themes/point/style.css?ver=5.7.1
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
6177da63c46574dfaaa8836f5fe858df5cd83bfaa97e09407697e6761aff0f70
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/point/fonts/point.woff?29400515
pragma
no-cache
origin
https://villagerspost.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
villagerspost.com
referer
https://villagerspost.com/wp-content/themes/point/style.css?ver=5.7.1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://villagerspost.com/wp-content/themes/point/style.css?ver=5.7.1
Origin
https://villagerspost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 03:25:52 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7460
expires
Sat, 18 Sep 2021 12:19:11 GMT
sagu-jayapura-kab-620x315.jpg
villagerspost.com/wp-content/uploads/2019/06/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2019/06/sagu-jayapura-kab-620x315.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
80e7afaf5a111f3d0223d6e8e6f75a6338d954d7741ca7a1710a748920ab0646
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2019/06/sagu-jayapura-kab-620x315.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jun 2019 15:11:28 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
63379
expires
Sat, 18 Sep 2021 12:19:11 GMT
kebun-sawit-pajak-go-id-300x200.jpg
villagerspost.com/wp-content/uploads/2016/04/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-300x200.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
6a2a15487e45f07479eac559297648af40e61009b30b2c14bb39a5ace80f235c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-300x200.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Apr 2016 08:52:26 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35862
expires
Sat, 18 Sep 2021 12:19:11 GMT
lele-brebes-140x100.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/lele-brebes-140x100.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
60d2794de0ae064824adf4032329ee18b33b96b771198bff8158d86381f7fad5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/lele-brebes-140x100.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:57:18 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5249
expires
Sat, 18 Sep 2021 12:19:11 GMT
bumi-akpelni-140x100.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/bumi-akpelni-140x100.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
dc4b8d04c87dfb6ddbe2a8e8e08dbe1131d3fe1f786c6c562865ddea337f9fbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/bumi-akpelni-140x100.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:46:32 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5177
expires
Sat, 18 Sep 2021 12:19:11 GMT
sagu-jayapura-kab-220x162.jpg
villagerspost.com/wp-content/uploads/2019/06/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2019/06/sagu-jayapura-kab-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
4464e83a3715e8b5bd019da07c9bab91a6d89e4a1d9d529b71c7aaaee0cdd117
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2019/06/sagu-jayapura-kab-220x162.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jun 2019 15:11:28 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15709
expires
Sat, 18 Sep 2021 12:19:11 GMT
kebun-sawit-pajak-go-id-220x162.jpg
villagerspost.com/wp-content/uploads/2016/04/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
a36d360dd82da1475e174ea06f87d57b8ec8ae0b2c900552d2dfe7116abbfcee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-220x162.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Apr 2016 08:52:26 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22224
expires
Sat, 18 Sep 2021 12:19:11 GMT
lele-brebes-220x162.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/lele-brebes-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
4832fcc53cd861217149a4ed6032cb01d374731312c035aca181552f542653b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/lele-brebes-220x162.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:57:18 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10696
expires
Sat, 18 Sep 2021 12:19:11 GMT
bumi-akpelni-220x162.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/bumi-akpelni-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
f0244c98f0cd59aa0007729f989f4ea93074de0c71c1e89427a240b41797881c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/bumi-akpelni-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:46:32 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10097
expires
Sat, 18 Sep 2021 12:19:11 GMT
kartu-kusuka1-220x162.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/kartu-kusuka1-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
a32385a38fbf43f2cb76514184f709067463a085a55f03b98b687a72638fe216
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/kartu-kusuka1-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Sat, 21 Aug 2021 23:38:23 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9815
expires
Sat, 18 Sep 2021 12:19:11 GMT
krkp1-220x162.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/krkp1-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
e2f398ee75a7494acb9704009a41ac72e62fddc078bbce310558adc17c1b6b42
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/krkp1-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 06:30:48 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5457
expires
Sat, 18 Sep 2021 12:19:11 GMT
knti2-220x162.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/knti2-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
a7ab56e769dacc45f7c6ec7c11f368fd2be6ea0ca0482dccaecab746b22ff80e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/knti2-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 05:57:13 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8957
expires
Sat, 18 Sep 2021 12:19:11 GMT
unnamed-1-220x162.jpg
villagerspost.com/wp-content/uploads/2019/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2019/09/unnamed-1-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
380f0a8345555b8098d8bf14e7fc135de808b76bba34f2da3a25fcb80453b1da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2019/09/unnamed-1-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Sep 2019 14:28:29 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15627
expires
Sat, 18 Sep 2021 12:19:11 GMT
greenpeace-batubara-220x162.jpg
villagerspost.com/wp-content/uploads/2017/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2017/01/greenpeace-batubara-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
286aeece9b3f6a1ae8a2ef412aba1031769dd657d70a13837c392a188634453a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2017/01/greenpeace-batubara-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Jan 2017 11:55:21 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10076
expires
Sat, 18 Sep 2021 12:19:11 GMT
merti-bumi-bangkit6-220x162.jpg
villagerspost.com/wp-content/uploads/2016/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2016/05/merti-bumi-bangkit6-220x162.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
59ef538a7e9aabd4da11d260fed1b5a943e869b4903dbd696ebc48b3104a1bc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2016/05/merti-bumi-bangkit6-220x162.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 May 2016 02:50:47 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9984
expires
Sat, 18 Sep 2021 12:19:11 GMT
main.js
go.rcvlink.com/static/ Frame EE2E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
0ad48e80fbe5b37de8bb25a87f6da522fc183a0667ba14eed2de45eec9e2c497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 21:28:24 GMT
server
nginx
etag
W/"60678c78-17d5"
content-type
application/javascript
cache-control
max-age=86400
expires
Sun, 12 Sep 2021 12:19:10 GMT
sagu-jayapura-kab-140x130.jpg
villagerspost.com/wp-content/uploads/2019/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2019/06/sagu-jayapura-kab-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
6619e165f35449b8d60bc07c5ae6eed84cb5145f512b1eb462843b30d0be1ec0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2019/06/sagu-jayapura-kab-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jun 2019 15:11:28 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8949
expires
Sat, 18 Sep 2021 12:19:12 GMT
kebun-sawit-pajak-go-id-140x130.jpg
villagerspost.com/wp-content/uploads/2016/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
eeaab656d6229006b6a12e418ec42f7daa241f90a54755cb6b8788c981350a4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2016/04/kebun-sawit-pajak-go-id-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Apr 2016 08:52:26 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11942
expires
Sat, 18 Sep 2021 12:19:12 GMT
lele-brebes-140x130.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/lele-brebes-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
7385915629876329b41ebf9eeac4176a398ed5783e4f401b1c9f50440ce63a1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/lele-brebes-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:57:18 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6458
expires
Sat, 18 Sep 2021 12:19:12 GMT
bumi-akpelni-140x130.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/bumi-akpelni-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
e400766ee46f80e9bc329ff38c20727b35b29e378bab2e3d9e312f16d5906818
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/bumi-akpelni-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 02:46:32 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5724
expires
Sat, 18 Sep 2021 12:19:12 GMT
kartu-kusuka1-140x130.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/kartu-kusuka1-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
091ff3170a0b7615c4490c155b4b6991745e26e6f297f9c1a97c097a49aa6372
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/kartu-kusuka1-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Sat, 21 Aug 2021 23:38:23 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5853
expires
Sat, 18 Sep 2021 12:19:12 GMT
krkp1-140x130.jpg
villagerspost.com/wp-content/uploads/2021/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-content/uploads/2021/08/krkp1-140x130.jpg
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
49486cec39b8692a160516361272bc3138ed88038d608250404dcd40fd29c486
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/uploads/2021/08/krkp1-140x130.jpg
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 06:30:48 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3694
expires
Sat, 18 Sep 2021 12:19:12 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
02331763e04cbef28009d4e0a0385f2256ea0945bd75bbf3517466addd797132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OwaP/j0AuXbQQNDGR43EAg==
cross-origin-resource-policy
cross-origin
expires
Sat, 11 Sep 2021 12:19:22 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
Jn6KqRgLnBEeZ8ayQ6pJ/HPP3wSSqNFO4FBxu/oEf6XxYqV+cRZpNlIclaEx8A2KD2YtikBG6LwXlLWQpt66lg==
x-fb-trip-id
686109401
x-fb-content-md5
8ca3552b841f0487c15374814ab16803
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 11 Sep 2021 12:19:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"14c01dc36a8a73ac83e4652adc070e73"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
1025479.js
code.macaw.is/data/
Redirect Chain
  • https://code.beaverads.com/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955
  • https://code.macaw.is/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955
0
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://code.macaw.is/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.108.102.25 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
server
nginx
allow
GET, POST, HEAD, OPTIONS
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0

Redirect headers

location
https://code.macaw.is/data/1025479.js?async=1&div=17f04e6d1025479&t=0.20187031834155955
date
Sat, 11 Sep 2021 12:19:11 GMT
server
nginx
content-length
162
content-type
text/html
sdk.js
connect.facebook.net/en_US/ 		222 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aa28b3ce4e30563884f867f76a6d4341
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
6a7ff6740e66c0d4686925b447f57b333136562f3bec05a33ca8a3a354892917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://villagerspost.com/
Origin
https://villagerspost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zJXvCeqUGMzCj8DXnkwEkQ==
cross-origin-resource-policy
cross-origin
expires
Sun, 11 Sep 2022 11:30:11 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66832
x-fb-rlafr
0
x-fb-debug
E4t5og175wwoyzrB8OsQIq+2kJC+e+UazxClPB1zaybACrNN+ZhUPwv/SdhcbXPjM1161oAYakB9Ur6PafKrhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c4309bd306f74283f24ce01dfdb01e68
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Sep 2021 12:19:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"62ef7ba553cf7819da7ec85a38a5ae84"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cookie.js
partner.googleadservices.com/gampad/ 		207 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=villagerspost.com&callback=_gfp_s_&client=ca-pub-7892899234161583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
59d39ae19c5a0a6be94db760d46467db9d39d1408be426a585a0f38ff6935038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=villagerspost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=villagerspost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0FF3 		132 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892899234161583&output=html&adk=318159125&adf=2184669829&lmt=1631362750&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvillagerspost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750452&bpp=265&bdt=384&idt=381&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1709608261895&frm=20&pv=2&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=394
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
d8b408807804b50d2bfbe58dabbc6d7443a4fabaf798dfb2bc5444d5bfb1c407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7892899234161583&output=html&adk=318159125&adf=2184669829&lmt=1631362750&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvillagerspost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750452&bpp=265&bdt=384&idt=381&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1709608261895&frm=20&pv=2&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=394
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 12:19:11 GMT
server
cafe
content-length
32262
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 12:34:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 12:19:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.120.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wd-in-f156.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:19:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2AF2 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892899234161583&output=html&h=100&slotname=4449784704&adk=444056458&adf=178921216&pi=t.ma~as.4449784704&w=320&lmt=1631362750&psa=0&format=320x100&url=https%3A%2F%2Fvillagerspost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750717&bpp=8&bdt=650&idt=139&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1709608261895&frm=20&pv=1&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=960&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bkI2o0g8AZ&p=https%3A//villagerspost.com&dtd=143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
5b017b595d5c86af2130ce644a2223589a78cf6d81ba47d3e7fba84516dfed36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7892899234161583&output=html&h=100&slotname=4449784704&adk=444056458&adf=178921216&pi=t.ma~as.4449784704&w=320&lmt=1631362750&psa=0&format=320x100&url=https%3A%2F%2Fvillagerspost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631362750717&bpp=8&bdt=650&idt=139&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1709608261895&frm=20&pv=1&ga_vid=1402600476.1631362751&ga_sid=1631362751&ga_hid=2132907529&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=960&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748552%2C31062297&oid=3&pvsid=2262545704307592&pem=477&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bkI2o0g8AZ&p=https%3A//villagerspost.com&dtd=143
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 12:19:11 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 12:34:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 12:19:11 GMT
cache-control
private
1
recreativ.ru/cs/1/ Frame EE2E 		34 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
923f4a1d965175b1206c2c44c646334e362732019b5a197d28e21e9542dee24c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b14
cache-control
private, max-age=315360000
expires
Tue, 09 Sep 2031 15:19:11 +0300
1
go.rcvlink.com/cs/1/ Frame EE2E 		34 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
8ec41d84ea9f2637285dd259d75d387aa521d3fb7c9b001c16efceb6631e1f2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:10 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b17
cache-control
private, max-age=315360000
expires
Tue, 09 Sep 2031 15:19:10 +0300
loadingAnimation.gif
villagerspost.com/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://villagerspost.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/thickbox/loadingAnimation.gif
pragma
no-cache
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 05 Apr 2020 17:29:31 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15238
expires
Sat, 18 Sep 2021 12:19:13 GMT
1
go.rcvlink.com/cs/1/ Frame EE2E 		34 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
923f4a1d965175b1206c2c44c646334e362732019b5a197d28e21e9542dee24c

Request headers

Cache-Control
max-age=0
Referer
https://villagerspost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
x-cache
t5jY69bUvW_62Bo

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
https://villagerspost.com
hn
b27
cache-control
private, max-age=315360000
access-control-allow-credentials
true
expires
Tue, 09 Sep 2031 15:19:11 +0300
1
go.rcvlink.com/cs/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Protocol
H2
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-cache
Origin
https://villagerspost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 11 Sep 2021 12:19:11 GMT
hn
b17
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Cache-Control, x-cache
access-control-max-age
86400
iframe.htm
go.rcvlink.com/static/ Frame 1AF7 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a246ce67a0c24d374ac5c4d6236a3b1adc184394a98b0c854a8b76ab11472c4f

Request headers

:method
GET
:authority
go.rcvlink.com
:scheme
https
:path
/static/iframe.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

server
nginx
date
Sat, 11 Sep 2021 12:19:11 GMT
content-type
text/html
last-modified
Wed, 21 Apr 2021 10:06:02 GMT
etag
W/"607ff90a-34de"
expires
Sun, 12 Sep 2021 12:19:11 GMT
cache-control
max-age=86400
content-encoding
gzip
/
go.rcvlink.com/bdto/WJUo365HCB/ Frame 1AF7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/WJUo365HCB/?cache=t5jY69bUvW_62Bo&ver=210421-1306&w=288&h=0&vw=1600&ms=390.1&ref=https%3A%2F%2Fvillagerspost.com%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
cade5026c3fcd95f91c5ae3f9ffe831557680fc1a5f2a4b38ddb117d8a0d61e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
last-modified
Sat, 11 Sep 2021 12:19:11 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b15
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Sat, 11 Sep 2021 15:19:11 +0300
6c21f5deac4180f145f70da00e1e62e1
st11.rcvlink.com/2/304/ Frame 1AF7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/6c21f5deac4180f145f70da00e1e62e1
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
80241b6a40d6f17068b1a18b7121fc130a37115d6e208a5c0dce126d4fa37aac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
last-modified
Fri, 14 May 2021 14:43:49 GMT
server
nginx
etag
"609e8ca5-11e16"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
19480
expires
Fri, 10 Dec 2021 12:19:11 GMT
4171746c1c98b40ab31f8d6a55dfe17e
st11.rcvlink.com/2/304/ Frame 1AF7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/4171746c1c98b40ab31f8d6a55dfe17e
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa56b42318625a5576c0250427226a07aa1dbb349e013780a4ce59fd2fe8b95a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
last-modified
Fri, 14 May 2021 14:45:02 GMT
server
nginx
etag
"609e8cee-dbdd"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
14828
expires
Fri, 10 Dec 2021 12:19:11 GMT
logo160.png
go.rcvlink.com/img/ Frame 1AF7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Sat, 18 Sep 2021 12:19:11 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
2a60861cee01f0d828b47898f2a79daa72e635d720e34b655657df2b98eaaa6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53104
x-xss-protection
0
server
cafe
etag
6845393147303227141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 12:19:11 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=villagerspost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=villagerspost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame 57D3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 10 Sep 2021 19:14:32 GMT
expires
Fri, 24 Sep 2021 19:14:32 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
61479
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 57D3 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f95.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 11:48:54 GMT
server
ESF
date
Sat, 11 Sep 2021 12:19:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 12:19:11 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 57D3 		205 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:57:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
87694
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
expires
Sat, 10 Sep 2022 11:57:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 57D3 		604 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 02:58:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
33646
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
expires
Sun, 11 Sep 2022 02:58:25 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame 57D3 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
cafe /
Resource Hash
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 00:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7693
x-xss-protection
0
server
cafe
etag
15492606927302909567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 00:28:39 GMT
css
fonts.googleapis.com/ Frame 1EC3 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f95.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 11:50:55 GMT
server
ESF
date
Sat, 11 Sep 2021 12:19:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 12:19:11 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 1EC3 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 17:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 17:14:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 1EC3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 21:23:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 1EC3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 20:31:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1EC3 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.120.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wd-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:19:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 1EC3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 17:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 17:14:32 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 1EC3 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 21:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 02:45:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 21:08:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 983E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 12:14:09 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 983E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 12:19:11 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 13:19:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 12:19:11 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 12:19:11 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
go.rcvlink.com/bv/cgPjIZjEpQkhra4ZPSkqz-hSmjLDDU083jfHiSjcJYIstnwbx6leIW8iHBB2sBCghHww215prPdeYhpMjusHEvgAeuRyQ7yGGWPfKLxMzummex-F-ovmmZ6ipQ2cQJHkc8L71QznFp74oAjDgzA1mvT6WJkW5qNZ2XhiRgalbyu2BMpj-M5... Frame 1AF7 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/bv/cgPjIZjEpQkhra4ZPSkqz-hSmjLDDU083jfHiSjcJYIstnwbx6leIW8iHBB2sBCghHww215prPdeYhpMjusHEvgAeuRyQ7yGGWPfKLxMzummex-F-ovmmZ6ipQ2cQJHkc8L71QznFp74oAjDgzA1mvT6WJkW5qNZ2XhiRgalbyu2BMpj-M5_ebJIpRTs5rOxw4a8CyRKaSTGlaXiawg/?c=389-20-8-1400-1400&ver=210421-1306&io=1&m=W1sxMDAwLDEwMDAsImJpbXAiLCIiXSxbMTAwMCwxMDAwLCJ0aW1wIiwicmFBbzh4SXdPTEwyS2huLVd0VGxoVUJZUDhHTVZQZ2JDX3g2MnBFdldxVnFEd0tDM3ZNSU5Ndm9CMU4zY0VIenZDbWlFTkN2T0VReGlZQlFoZEtXa0F6cVlyM1VQSWpFNUxBemUxMCJdLFsxMDAwLDEwMDAsInRpbXAiLCJyYUFvOHhJd09MTDJLaG4tV3RUbGhVQllQOEdNVlBnYkNfeDYycEV2V3FWcUR3S0Mzdk1JTk12b0IxTjNjRUh6dkNtaUVNdXZPRVF4ZzdsUUI5aVdjUXpxWXIzVVBJakU1TEF6ZTEwIl1d
Requested by
Host: villagerspost.com
URL: https://villagerspost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

hn
b24
date
Sat, 11 Sep 2021 12:19:12 GMT
cache-control
no-store
server
nginx
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
b24a85af32e798a012c79ccf4f6b0ad0200e9d71fd1fb3c0292ab94074fe9af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 12:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8661
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7892899234161583&plah=villagerspost.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 11 Sep 2021 12:19:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 55A8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f132.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 06 Sep 2021 21:20:48 GMT
expires
Tue, 06 Sep 2022 21:20:48 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
399505
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C5B0 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.110.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f103.1e100.net
Software
GSE /
Resource Hash
6b67451314a109cff60e50a2e1e27d79d77b4307a8b50d1408a23a53d532ee36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-agwn03wm6JfiKABdq3eqRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://villagerspost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 11 Sep 2021 12:19:13 GMT
date
Sat, 11 Sep 2021 12:19:13 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-agwn03wm6JfiKABdq3eqRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
admin-ajax.php
villagerspost.com/wp-admin/ 		38 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://villagerspost.com/wp-admin/admin-ajax.php
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.145.226.75 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),
Reverse DNS
dci02.dewaweb.com
Software
LiteSpeed / PHP/7.4.23
Resource Hash
d6e0235872654cac1daa4cc5390a4febbf9d10206da4d4d0dfd648d1272db930
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://villagerspost.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
__gads=ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
content-length
239
:path
/wp-admin/admin-ajax.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
villagerspost.com
referer
https://villagerspost.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://villagerspost.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 11 Sep 2021 12:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PHP/7.4.23
vary
Accept-Encoding
content-length
36
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://villagerspost.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
set-cookie
slimstat_tracking_code=75191.0652a1c201a21aacd963c45e193b70fa; expires=Sat, 11-Sep-2021 12:49:13 GMT; Max-Age=1800; path=/; secure
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C5B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=2262545704307592&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 55A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 19:54:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
231904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 19:54:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=2262545704307592&bg=!GBulG1_NAAYT0U73E9E7ACkAdvg8Wsh_XYaaVkbbR1IYCjcmTmYl8_t4d5LXk5Qd5Ih3kTEZNDyQAQIAAABMUgAAAAhoAQcKAO3i9TiNmd4GcJXqKsS5yIOSaT46HR6cqMgDqmoqyB6IKxtyXCuEQRB7KAS9vbFuwzXozoeufPhYsbDZJ4NlIPg7T8gEJfHcSq1ODqY1tEuzmcMNLtqwj_PQ7fJxFg_sZryfJMUKOHUsYoVA-vTLun_DeFoJ6ExR4Sy2L7NJKaw8JYG-IjhKKA7bsINLSX8zE_WuZDtW5jduJfB3qMW1GaOftLPtxGF2YQyOEw1HgCmAfQCqj6CSn_su1F09PEprBVUUPC0y27EKSL7VEfd9QhndD2dP7bZZD0LlZBC_HlM_8PV4AFgnSqN3V3Dy3QaZAn4lTUuoSaV4FTGWtjZFr8txuQd_AMwDne9pMPlP-pUJdF0eSsSCYp5SPo1gCLECOxy1Ni7WKXeEkij6YFsLvGIkI_2cAc-3dPPEshs9l2K30VlESbzPwREusMJ5fiU6rsdFlc7uH6R-xoti0dTr43O4pvDlfdsSFdSSfQlgYQOZ3GATqc7raN6qlptrQcx1NXkZZSjSafp0t3T2WBEAM4VfTzwgqi85lsWz633m8xLgoQ8CaJoPWZeuvaA7sT7K-rDNNPai3QFiigIVz9KzwZlyglF719WELwtgvKBNfyD8s2z2PsuWI_jJw5R-RFEuKNk1b1qu79xPd1odA5u1EFf7YcOhoMQfKURZcdXGaE-yBBR1Efr_OGEbNh-rUUV-K5XKrDUg1n6DlDGgT7JkGwPAJGAEX3tvrqUnRzBmQhmvyGQNrr61HS5zdC1wuNhZ2jJZmp5Qv09rey7ZQaay9iUpfw8NNB5gzsZv_j6M_lNvUa7MU5CZQqkRUE31-_qbSuW5cbBw4dVfxGNUYY1F947wfxs2ddBMB-p3TZUsINz_zGFuIziwnCvjQT4_WYn7MOrTMov0cpsL2qBZAT35jyzvywCHU710ApOrN_bQ4J_XRLGXXC6jb0lD_J5soPVkxrRHbjMkqRFTCKGmf4JEVPzQlx0uZtbcr8FJXQqiM__3-M7vcnfyh-td9Uz3uqn2U_hrlECFeD93KVi8Wobt6qOlq5GzKpsWEWzhg77W4LAc1ZO7eZEBvrY2f8SKAOEd50axurjcYBlq47nUXqDLAcjtcRkEeRZG7U2J6J97eTcfK5Bils79UpQJHy_RrScE1-yvjpMmTa4Ctu0mKCouOw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://villagerspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 12:19:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| loaded_blocks_beaverads object| FB function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| SlimStatParams object| SlimStat function| Fingerprint2 object| wp object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| imgLoader function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| twemoji object| google_llp object| googletag string| slimstat_data boolean| use_beacon object| all_clickable object| GoogleGcLKhOms object| values number| x object| screenres object| slim_performance object| xhr object| opt_out_cookies boolean| show_optout object| google_image_requests number| parsed_id

6 Cookies

Domain/Path Name / Value
.villagerspost.com/ Name: __gads
Value: ID=9ff5f701cb30d482-22d72cc6f1ca005c:T=1631362750:RT=1631362750:S=ALNI_MaGfWM9tEPj80s8Ejgsmb_SaHr9lw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.go.rcvlink.com/ Name: cache
Value: t5jY69bUvW_62Bo
.doubleclick.net/ Name: DSID
Value: NO_DATA
.macaw.is/ Name: nid
Value: F2xmGWE8nr9Mk1YJCCiAAg==
villagerspost.com/ Name: slimstat_tracking_code
Value: 75191.0652a1c201a21aacd963c45e193b70fa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
code.beaverads.com
code.macaw.is
connect.facebook.net
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
recreativ.ru
st11.rcvlink.com
tpc.googlesyndication.com
villagerspost.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.villagerspost.com
103.145.226.75
108.177.15.155
108.177.15.156
108.177.15.94
136.243.84.74
142.250.110.103
142.250.74.131
151.101.113.229
157.240.20.19
172.253.120.156
173.194.76.156
23.108.102.15
23.108.102.25
64.233.167.95
64.233.184.154
66.102.1.154
74.125.133.102
74.125.133.132
02331763e04cbef28009d4e0a0385f2256ea0945bd75bbf3517466addd797132
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
091ff3170a0b7615c4490c155b4b6991745e26e6f297f9c1a97c097a49aa6372
0ad48e80fbe5b37de8bb25a87f6da522fc183a0667ba14eed2de45eec9e2c497
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
286aeece9b3f6a1ae8a2ef412aba1031769dd657d70a13837c392a188634453a
2a60861cee01f0d828b47898f2a79daa72e635d720e34b655657df2b98eaaa6a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
35a7adc47f0b28a490bc9d574f5f9524646375f0f3a2b914ae26f91be6c5e62a
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
380f0a8345555b8098d8bf14e7fc135de808b76bba34f2da3a25fcb80453b1da
3a02ffcb276857c2187c221e749f612aa94e493061292cb938a693e0a2bc1a9d
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
4464e83a3715e8b5bd019da07c9bab91a6d89e4a1d9d529b71c7aaaee0cdd117
4832fcc53cd861217149a4ed6032cb01d374731312c035aca181552f542653b2
49486cec39b8692a160516361272bc3138ed88038d608250404dcd40fd29c486
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
59d39ae19c5a0a6be94db760d46467db9d39d1408be426a585a0f38ff6935038
59ef538a7e9aabd4da11d260fed1b5a943e869b4903dbd696ebc48b3104a1bc3
5b017b595d5c86af2130ce644a2223589a78cf6d81ba47d3e7fba84516dfed36
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60d2794de0ae064824adf4032329ee18b33b96b771198bff8158d86381f7fad5
6177da63c46574dfaaa8836f5fe858df5cd83bfaa97e09407697e6761aff0f70
6317dc687a16b0b9aad813b90abdc8d4b010fd01e02f44876131ba3b22bb06d3
6619e165f35449b8d60bc07c5ae6eed84cb5145f512b1eb462843b30d0be1ec0
6a2a15487e45f07479eac559297648af40e61009b30b2c14bb39a5ace80f235c
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6a7ff6740e66c0d4686925b447f57b333136562f3bec05a33ca8a3a354892917
6b67451314a109cff60e50a2e1e27d79d77b4307a8b50d1408a23a53d532ee36
7385915629876329b41ebf9eeac4176a398ed5783e4f401b1c9f50440ce63a1c
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
80241b6a40d6f17068b1a18b7121fc130a37115d6e208a5c0dce126d4fa37aac
80483feff728291a90a99ce906d700a39ef3e99919ff73cfa83211210732b84f
80e7afaf5a111f3d0223d6e8e6f75a6338d954d7741ca7a1710a748920ab0646
8ec41d84ea9f2637285dd259d75d387aa521d3fb7c9b001c16efceb6631e1f2f
8f384483a389b115d48eaba28546f4cdbe3c92693667a3adc5e410869a530292
923f4a1d965175b1206c2c44c646334e362732019b5a197d28e21e9542dee24c
a246ce67a0c24d374ac5c4d6236a3b1adc184394a98b0c854a8b76ab11472c4f
a32385a38fbf43f2cb76514184f709067463a085a55f03b98b687a72638fe216
a36d360dd82da1475e174ea06f87d57b8ec8ae0b2c900552d2dfe7116abbfcee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a7ab56e769dacc45f7c6ec7c11f368fd2be6ea0ca0482dccaecab746b22ff80e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa56b42318625a5576c0250427226a07aa1dbb349e013780a4ce59fd2fe8b95a
b24a85af32e798a012c79ccf4f6b0ad0200e9d71fd1fb3c0292ab94074fe9af2
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b91440337ba5073a5c85f0115440ab0fbb01b4b2e3e18cdd165ccf6102e1b0db
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cade5026c3fcd95f91c5ae3f9ffe831557680fc1a5f2a4b38ddb117d8a0d61e7
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
d6e0235872654cac1daa4cc5390a4febbf9d10206da4d4d0dfd648d1272db930
d8b408807804b50d2bfbe58dabbc6d7443a4fabaf798dfb2bc5444d5bfb1c407
d9a556c830024a4105d859c0a1824c5ecfcb2741e3602ed04fa2789f15576a33
dc4b8d04c87dfb6ddbe2a8e8e08dbe1131d3fe1f786c6c562865ddea337f9fbd
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e2f398ee75a7494acb9704009a41ac72e62fddc078bbce310558adc17c1b6b42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400766ee46f80e9bc329ff38c20727b35b29e378bab2e3d9e312f16d5906818
eeaab656d6229006b6a12e418ec42f7daa241f90a54755cb6b8788c981350a4e
f0244c98f0cd59aa0007729f989f4ea93074de0c71c1e89427a240b41797881c