www.jaditau.net Open in urlscan Pro
103.243.172.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.jaditau.net/
Submission Tags: @phishunt_io
Submission: On September 07 via api (September 7th 2021, 3:44:26 am UTC) from DE

Summary HTTP 149 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 25 domains to perform 149 HTTP transactions. The main IP is 103.243.172.195, located in Singapore and belongs to PHOENIXNAP-AS-SG1 PhoenixNAP, SG. The main domain is www.jaditau.net.
TLS certificate: Issued by R3 on September 6th 2021. Valid for: 3 months.

This is the only time www.jaditau.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	103.243.172.195 103.243.172.195	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
149	30

32 103.243.172.195 (Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: marina.satu.rumahweb.com

www.jaditau.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.172.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-136.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	598 KB
32	jaditau.net www.jaditau.net	782 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	129 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	251 KB
8	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	gstatic.com fonts.gstatic.com	129 KB
5	googletagservices.com www.googletagservices.com	175 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	760 B
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	addtoany.com static.addtoany.com	62 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	2mdn.net s0.2mdn.net	23 KB
1	congstar.de banner.congstar.de	518 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	agkn.com 1 redirects d.agkn.com	758 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	655 B
1	googleusercontent.com lh6.googleusercontent.com	754 B
0	sosiago.id Failed v1.sosiago.id Failed
0	adpxl.com Failed static.adpxl.com Failed
149	25

	Domain	Requested by
32	www.jaditau.net	www.jaditau.net
29	tpc.googlesyndication.com	googleads.g.doubleclick.net www.jaditau.net tpc.googlesyndication.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.jaditau.net googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	www.jaditau.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	googleads.g.doubleclick.net www.jaditau.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	fonts.googleapis.com	www.jaditau.net
3	www.awin1.com	1 redirects as.ad4m.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	static.addtoany.com	www.jaditau.net static.addtoany.com
2	www.google-analytics.com	www.jaditau.net www.google-analytics.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.jaditau.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lh6.googleusercontent.com	www.jaditau.net
0	v1.sosiago.id Failed	www.jaditau.net
0	static.adpxl.com Failed	www.jaditau.net
149	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
id.pinterest.com
www.linkedin.com
eatologi.com
topblogindonesia.com
www.lyrathemes.com
www.addtoany.com

Subject Issuer	Validity	Valid
*.jaditau.net R3	`2021-09-06` - `2021-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.jaditau.net/
Frame ID: 1A3565A166127C045994BA2054EDEC49
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 9293C842672D0B753BFC26592F19DA37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&adk=1812271804&adf=3025194257&lmt=1630986247&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jaditau.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986246611&bpp=478&bdt=62&idt=556&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5507381444474&frm=20&pv=2&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579
Frame ID: BF1F04F856C432F1B4347DC46697EA4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=600&adk=2734607550&adf=1812466437&pi=t.aa~a.2594507593~rp.3&w=278&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=278x600&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=3&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0&nras=2&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=H6Hj9PFSwe&p=https%3A//www.jaditau.net&dtd=13
Frame ID: A47CB6232B620D214BCB8920451DE4AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32
Frame ID: 6D60FAD3569A453496F8B27231E4D81E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41
Frame ID: 3BF04550B5B05EF8EB0AA37CB95F7C04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1F49187F2962E1BDCA40F25BB0647DA7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 48FEEB3DCA9AE4618CB4BC95E22CA375
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: 78E4B0C9094C16B79EA584F569D023B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CI7cDB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEoQFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXGKw5aV9OMOVWAVJkWI32-lzGYAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk2MzE0OTkxODQwMjk2NTQYAA&sigh=eww7f9UTmWM
Frame ID: B44E85187B857BA46F49914EBC121DDA
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D
Frame ID: ECB749DCD82C0D26525C6CF7DD8E9749
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71A1C2C0D1EE5E33492D74C7F86A26A7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 076A5BAD2660433DE0758F48A0CC706C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html
Frame ID: 3BA083E2445D92603D6EA3CF5B622E45
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvZdyB-A2YaDLJJfI7_UPoNSEwAO58-6fZObK2Yj7DemR2bfxIRABIJWs8U9glQKgAaLk0vkCyAEJqQIXGTe1yuqzPqgDAcgDSKoEsQFP0McEPCDk7jyFOJXOaR7e6vAn8B4kVtIEgTht5v2_nqKjn4jE4sJLKnZInjVq9Z1F-FEBpIcmLF_M8B4NmwlUy-IrmOO34DKNTRa83AXkftCO2pmYshHVPaXdAu6bN2mXQpUr6YKTrxgi1vACnbOjrgYgJzK9MnA9KaXag4oSnJAPB7TC3RoBig_5_pyqZjmOG6_-Y2mm-HXutyGQzp-LWJ9jURdssbzS_hxU8ZDPINLABMXBo76nA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfGm62GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQl9wG0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTk2MzE0OTkxODQwMjk2NTQYAA&sigh=ywUz_vJ4Jz0&template_id=419
Frame ID: FC1D56D5597DE2ED5800CEE0467A358F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C55515E04DBC9FB4FDA925552276B389
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Frame ID: E8761A357B03BE1AF4EA0D18B0515EA1
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Frame ID: F6F1E15D3A57540AAE980B1E2D6C869F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CT74SB-A2Ybj9I-SQlQfe-rPIB8j6xfJkj63StZwNloLNhYgWEAEglazxT2CVAqABo9awxAPIAQmpAo8KDDEY67M-qAMByANIqgS4AU_QmuVjIPoCFj5Ob32Ami9HTgYekzdrnBHwTMUlko5pxc9U1j6B5Fod4USCmxjSTYqqTZx1VJGf77Qw0hVkweBTfN-illF1uWSP_xaCXGJr9hD7wOJlHt4kPM8LMOnQ3xycG49i-GNCNiNndMFv00D5pd1Yilezg0A0ODvgmrh8hOR72_QoHxFrsnLFd8K5as_Pa8Bcq9BBQm-nw-uCNP6ioAORu_-qURe0RQbKaFJj1Z85ut942MjABK--kPuKApIFBAgEGAGSBQQIBRgEoAYugAfFqc87qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDClwvSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTYzMTQ5OTE4NDAyOTY1NBgA&sigh=rU16u9jbAVQ&template_id=419
Frame ID: 61D32C68EB44A5B7E70A6CE5F694E620
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 27D5D3363B6A5F57D7073D87A530D0BE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EAD9C080F28FB8C25DA70BC2BC02B38E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7DF136790408C429BE0DF1EE28F04F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal Informasi dan Berita Indonesia

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

149
Requests

98 %
HTTPS

69 %
IPv6

25
Domains

32
Subdomains

30
IPs

4
Countries

2180 kB
Transfer

4197 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/puyeensiklopedia/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/puyeeksikloped
Title: Twitter

Search URL Search Domain Scan URL

URL: https://id.pinterest.com/puyeensiklopedi/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/puye-ensiklopedia-b34398135?trk=hp-identity-name
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://eatologi.com/

Search URL Search Domain Scan URL

URL: http://topblogindonesia.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.lyrathemes.com/kale/
Title: Kale

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 85

https://d.agkn.com/pixel/2175/?google_gid=CAESEDhFhkTRmRXs4jKFzMe6HsQ&google_cver=1&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE&google_hm=Q0FFU0VEaEZoa1RSbVJYczRqS0Z6TWU2SHNR

Request Chain 86

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPICgHADr3gWnxq8mgAbjgvPlzaNaW5XUhOKW2wSE4taqtuq8-dRZWbjA46d_ayELyWq59GWIanriF6FuLSr-u5FOpXi2NM&google_gid=CAESEPMr5iuUx8bBIZY8FNcuZxQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIjA24kGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJQ2dIQURyM2dXbnhxOG1nQWJqZ3ZQbHphTmFXNVhVaE9LVzJ3U0U0dGFxdHVxOC1kUlpXYmpBNDZkX2F5RUx5V3E1OUdXSWFucmlGNkZ1TFNyLXU1Rk9wWGkyTk0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY0VZZ2tRTGZiaG9ubWprRlh1SHIxNjVMUnV5U2Frekpic2E4Q2pIbXFoYw==&google_push

Request Chain 87

https://rtb.openx.net/sync/dds?google_gid=CAESEEJSYWWrMJEa94XY-zuO7y8&google_cver=1&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEEJSYWWrMJEa94XY-zuO7y8&google_cver=1&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&google_hm=4VJ-3lcsyo0P8e4wiVYQIA==

Request Chain 88

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIMNPntyQdQn15APFyCR9xs&google_cver=1&google_push=AYg5qPK7uwRqXIueTjraMs693FlhkHAEHagB7EV-OXOsQf6_Qt20Yww6Q6Yyr2ccGiDeheW0yV-8mvc1ti9gfU5kH1G9ePIcRVI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIMNPntyQdQn15APFyCR9xs&google_cver=1&google_push=AYg5qPK7uwRqXIueTjraMs693FlhkHAEHagB7EV-OXOsQf6_Qt20Yww6Q6Yyr2ccGiDeheW0yV-8mvc1ti9gfU5kH1G9ePIcRVI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oZ8O_EH4RP-CBi4mbDarBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7uwRqXIueTjraMs693FlhkHAEHagB7EV-OXOsQf6_Qt20Yww6Q6Yyr2ccGiDeheW0yV-8mvc1ti9gfU5kH1G9ePIcRVI

Request Chain 89

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMzg3868g9K2_UXJJAtai8&google_cver=1&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7aaYDxdYPAXpFOGAl5a2A0ZK-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Q5SjNOOTEtMVctQ04w&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7aaYDxdYPAXpFOGAl5a2A0ZK-g

Request Chain 90

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_cver=1&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1

Request Chain 120

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLGU2Z_56_ICFYZo4AodmnMA2w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630986248_db494421-0f8d-11ec-a1d8-692d067fb68d

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

149 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.jaditau.net/ 63 KB
11 KB 708ms
224ms Document
text/html 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: c94748df1f0dd68d3e4dfd2d340a4946ce4d2f05d08b964e0a8617932e664828

Request headers

:method: GET
:authority: www.jaditau.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
server: Apache
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate max-age=172800
expires: Thu, 09 Sep 2021 03:44:06 GMT
content-encoding: br
content-length: 10792
content-type: text/html; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6856af1b20157893615894a02c5bc6980a56c04db3d26b68bd915d2c4d7a4881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49528
x-xss-protection: 0
server: cafe
etag: 6857317396513034251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:44:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3429
date: Tue, 07 Sep 2021 02:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 07 Sep 2021 04:46:57 GMT

GET
H2 200 style.min.css
www.jaditau.net/wp-includes/css/dist/block-library/ 79 KB
10 KB 386ms
383ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-includes/css/dist/block-library/style.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Wed, 28 Jul 2021 07:45:09 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9945
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 pagenavi-css.css
www.jaditau.net/wp-content/plugins/wp-pagenavi/ 374 B
241 B 198ms
196ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

:path: /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 15:18:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 184
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
673 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=adb34dbadf10bfbae8767cc178698f6f

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 02:18:22 GMT
server: ESF
date: Tue, 07 Sep 2021 03:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Sep 2021 03:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
576 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 03:44:06 GMT
server: ESF
date: Tue, 07 Sep 2021 03:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Sep 2021 03:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
597 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A200&ver=adb34dbadf10bfbae8767cc178698f6f

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92c99e2cf4c06b688a835a1aec1699c099f7977b5cca773fb41821d57b4e8e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 02:36:44 GMT
server: ESF
date: Tue, 07 Sep 2021 03:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Sep 2021 03:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
539 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Caveat&ver=adb34dbadf10bfbae8767cc178698f6f

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f50f610cdfbc5dd023cc2738af889ea8b582e00fcfa16c4584cfda7fa3cf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 01:48:50 GMT
server: ESF
date: Tue, 07 Sep 2021 03:44:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Sep 2021 03:44:06 GMT

GET
H2 200 bootstrap.min.css
www.jaditau.net/wp-content/themes/kale/assets/css/ 118 KB
18 KB 391ms
389ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/css/bootstrap.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01

Request headers

:path: /wp-content/themes/kale/assets/css/bootstrap.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18178
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 bootstrap-select.min.css
www.jaditau.net/wp-content/themes/kale/assets/css/ 6 KB
1 KB 197ms
194ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/css/bootstrap-select.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 08a91f7572dc0786b5c9e22944ab78d44b58f6178b404572552761e2d6ece431

Request headers

:path: /wp-content/themes/kale/assets/css/bootstrap-select.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1259
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 font-awesome.min.css
www.jaditau.net/wp-content/themes/kale/assets/css/ 30 KB
7 KB 204ms
202ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/css/font-awesome.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

:path: /wp-content/themes/kale/assets/css/font-awesome.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6666
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 owl.carousel.css
www.jaditau.net/wp-content/themes/kale/assets/css/ 5 KB
1 KB 197ms
195ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/css/owl.carousel.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: f79382c75b1b87a9c80d903a771e1db9e3987b39c6645c203b4709e9c4c0dd3b

Request headers

:path: /wp-content/themes/kale/assets/css/owl.carousel.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1017
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 style.css
www.jaditau.net/wp-content/themes/kale/ 41 KB
8 KB 333ms
330ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/style.css?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 3d4e602cc9be5f0349f7ca875b276429e707d5a9045467b280c2b76f5bebb964

Request headers

:path: /wp-content/themes/kale/style.css?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7900
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 front.css
www.jaditau.net/wp-content/plugins/related-posts-thumbnails/assets/css/ 4 KB
844 B 203ms
200ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: e4a1edd8bd152ea994db792861bb3300434be689e4fb150aea2cb384f729fd41

Request headers

:path: /wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 15:17:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 787
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 addtoany.min.css
www.jaditau.net/wp-content/plugins/add-to-any/ 1 KB
443 B 202ms
200ms Stylesheet
text/css 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 15:14:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 386
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 jquery.min.js Show response
www.jaditau.net/wp-includes/js/jquery/ 87 KB
30 KB 400ms
398ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Wed, 28 Jul 2021 07:45:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30311
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.jaditau.net/wp-includes/js/jquery/ 11 KB
4 KB 392ms
390ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 05:28:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3998
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 addtoany.min.js Show response
www.jaditau.net/wp-content/plugins/add-to-any/ 129 B
142 B 392ms
390ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 15:14:45 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 92
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET adpxl2.min.js
static.adpxl.com/ 0
0

GET tracking.js
v1.sosiago.id/js/ 0
0

GET
H2 200 cropped-cropped-JADITAU-New-Logo-Header-2.png
www.jaditau.net/wp-content/uploads/2016/08/ 17 KB
17 KB 202ms
200ms Image
image/png 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2016/08/cropped-cropped-JADITAU-New-Logo-Header-2.png
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: f1b4d7ec64771479e036cd1c46f0f71838e3ffbc01cbc4c16af78904941809c5

Request headers

:path: /wp-content/uploads/2016/08/cropped-cropped-JADITAU-New-Logo-Header-2.png
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Wed, 21 Jun 2017 05:16:23 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17623
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.jaditau.net/wp-includes/js/ 18 KB
4 KB 205ms
203ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-includes/js/wp-emoji-release.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Wed, 28 Jul 2021 07:45:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4542
expires: Thu, 07 Oct 2021 03:44:06 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1190219997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jaditau.net%2F&ul=en-us&de=UTF-8&dt=Portal%20Informasi%20dan%20Berita%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1867203042&gjid=1843385736&cid=2018528716.1630986247&tid=UA-69218513-1&_gid=1342467287.1630986247&_r=1&_slc=1&z=291162305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jaditau.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 250 KB
93 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9631499184029654&plah=www.jaditau.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d739f4e9502d3c672029d4580ddff6e52872660508cc4b3f5c2eb2735c66a466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95175
x-xss-protection: 0
server: cafe
etag: 18091442808060632251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 9293 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Sep 2021 16:02:37 GMT
expires: Mon, 20 Sep 2021 16:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 42089
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Banner-Eatologi-Indonesia.jpg
www.jaditau.net/wp-content/uploads/2019/07/ 26 KB
27 KB 199ms
198ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2019/07/Banner-Eatologi-Indonesia.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: b1ed96501f76469434bfbfd2affea996b888b7f23cc76b7e3b99eb5bb2e90c17

Request headers

:path: /wp-content/uploads/2019/07/Banner-Eatologi-Indonesia.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Tue, 23 Jul 2019 09:22:05 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26968
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 topblogindonesia.gif
lh6.googleusercontent.com/_xxMp99Ik0Vs/TaQZxC-xV6I/AAAAAAAAAAg/-tCrLzKFM3U/s800/ 337 B
754 B 37ms
17ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/_xxMp99Ik0Vs/TaQZxC-xV6I/AAAAAAAAAAg/-tCrLzKFM3U/s800/topblogindonesia.gif

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c7978244b79733fcaddc71ac24d75ffba9400f505e6ee471060995399401a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="topblogindonesia.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
server: fife
etag: "vfa"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:28:48 GMT

GET
H2 200 bootstrap.min.js Show response
www.jaditau.net/wp-content/themes/kale/assets/js/ 36 KB
9 KB 205ms
205ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/js/bootstrap.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

:path: /wp-content/themes/kale/assets/js/bootstrap.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9458
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 bootstrap-select.min.js Show response
www.jaditau.net/wp-content/themes/kale/assets/js/ 20 KB
6 KB 201ms
201ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/js/bootstrap-select.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 16368645110ed92bc7e129fbdc8a439ecdc32e11285ab3f8fcfa121a0167b6c3

Request headers

:path: /wp-content/themes/kale/assets/js/bootstrap-select.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5826
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 owl.carousel.min.js Show response
www.jaditau.net/wp-content/themes/kale/assets/js/ 39 KB
10 KB 208ms
206ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/js/owl.carousel.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Request headers

:path: /wp-content/themes/kale/assets/js/owl.carousel.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10333
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 kale.js Show response
www.jaditau.net/wp-content/themes/kale/assets/js/ 3 KB
800 B 198ms
196ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/js/kale.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: b8de3c5f443a82c55fa9ea36d38496578ea616a09c58027f92f4809d6a0e0460

Request headers

:path: /wp-content/themes/kale/assets/js/kale.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 766
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 wp-embed.min.js Show response
www.jaditau.net/wp-includes/js/ 1 KB
697 B 199ms
197ms Script
application/javascript 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-includes/js/wp-embed.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=adb34dbadf10bfbae8767cc178698f6f
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 05:28:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 663
expires: Thu, 07 Oct 2021 03:44:06 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
28 KB 23ms
22ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 162015
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 68acefcc4bbbd725-FRA
cf-bgj: minify

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 08:26:59 GMT
x-content-type-options: nosniff
age: 242228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 08:26:59 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 72808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 07:30:39 GMT

GET
H2 200 fontawesome-webfont.woff2
www.jaditau.net/wp-content/themes/kale/assets/fonts/ 75 KB
76 KB 195ms
194ms Font
font/woff2 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jaditau.net/wp-content/themes/kale/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/wp-content/themes/kale/assets/css/font-awesome.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.jaditau.net
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
:path: /wp-content/themes/kale/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.jaditau.net
referer: https://www.jaditau.net/wp-content/themes/kale/assets/css/font-awesome.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.jaditau.net
Referer: https://www.jaditau.net/wp-content/themes/kale/assets/css/font-awesome.min.css?ver=adb34dbadf10bfbae8767cc178698f6f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
content-encoding: br
last-modified: Sun, 17 Sep 2017 15:59:52 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=172800
accept-ranges: bytes
content-length: 77165
expires: Thu, 09 Sep 2021 03:44:06 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:13:25 GMT
x-content-type-options: nosniff
age: 135042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:13:25 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 45157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 15:11:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:08:54 GMT
x-content-type-options: nosniff
age: 318913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:08:54 GMT

GET
H3-29 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic&ver=adb34dbadf10bfbae8767cc178698f6f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jaditau.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:32:23 GMT
x-content-type-options: nosniff
age: 457904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:32:23 GMT

GET
H2 200 Tips-Memilih-Jam-Tangan-Remaja-Dijamin-Makin-Gaya-760x400.jpg
www.jaditau.net/wp-content/uploads/2021/09/ 30 KB
30 KB 342ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/09/Tips-Memilih-Jam-Tangan-Remaja-Dijamin-Makin-Gaya-760x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: ce74a6f2bc7e3c3039030dd7e85cf35293803995dcaa5e11d0ea56bc2bcca04c

Request headers

:path: /wp-content/uploads/2021/09/Tips-Memilih-Jam-Tangan-Remaja-Dijamin-Makin-Gaya-760x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Sun, 05 Sep 2021 10:10:07 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30696
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Bayar-BPJS-Melalui-Mobile-Banking-BRI-600x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 44 KB
44 KB 342ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Bayar-BPJS-Melalui-Mobile-Banking-BRI-600x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 6262de3579e7848d3f2b15909fee3ed3b29d6078d5cb30c7e4b672bb0f03739a

Request headers

:path: /wp-content/uploads/2021/08/Bayar-BPJS-Melalui-Mobile-Banking-BRI-600x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Mon, 30 Aug 2021 04:48:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44947
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Review-Spesfikasi-Oppo-Reno-6-Pro-5G-760x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 31 KB
31 KB 342ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Review-Spesfikasi-Oppo-Reno-6-Pro-5G-760x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 54651f13de5a67ae9a41a461d8520e2ed2d25d17d94ee64c93f6c9e58323eafd

Request headers

:path: /wp-content/uploads/2021/08/Review-Spesfikasi-Oppo-Reno-6-Pro-5G-760x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Tue, 24 Aug 2021 02:57:12 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31686
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Harga-Emas-Diproyeksi-Akan-Menembus-2.000-Dolar-AS-675x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 35 KB
36 KB 341ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Harga-Emas-Diproyeksi-Akan-Menembus-2.000-Dolar-AS-675x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 8d572ffbb369a5792dfc86dcb367e21ed90067dfa0dfffb0287b2c6b56adaec1

Request headers

:path: /wp-content/uploads/2021/08/Harga-Emas-Diproyeksi-Akan-Menembus-2.000-Dolar-AS-675x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Thu, 19 Aug 2021 04:01:38 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36299
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Keuntungan-Pakai-Cloud-Service-760x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 46 KB
46 KB 341ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Keuntungan-Pakai-Cloud-Service-760x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: d24a9d5d6ec8fb080c2d0ab7c4e27cf450687ddb3b5331bfa19789fe316d1b09

Request headers

:path: /wp-content/uploads/2021/08/Keuntungan-Pakai-Cloud-Service-760x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Wed, 18 Aug 2021 10:57:51 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47057
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Shila-At-Sawangan-Depok.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 90 KB
91 KB 341ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Shila-At-Sawangan-Depok.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 246bc91c6e87d9258c7b7a64ab20c253cbdc3f8f46ae6449ff5e7e7f2f1d3c3b

Request headers

:path: /wp-content/uploads/2021/08/Shila-At-Sawangan-Depok.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Wed, 18 Aug 2021 07:31:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 92608
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Aneka-Resep-Masakan-Nusantara.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 87 KB
88 KB 341ms
339ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Aneka-Resep-Masakan-Nusantara.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 640843b5506f48602e91d99837cc9bf299fcca3455648ab0892a3262c0c8dd96

Request headers

:path: /wp-content/uploads/2021/08/Aneka-Resep-Masakan-Nusantara.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Thu, 19 Aug 2021 03:40:03 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 89501
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 5-Manfaat-Kalkulator-Kehamilan-760x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 47 KB
48 KB 340ms
338ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/5-Manfaat-Kalkulator-Kehamilan-760x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 1d6b5843ab83d6d615ca804e5fcd6e141251c43164c6aa1e3dc8a82da5fd2c72

Request headers

:path: /wp-content/uploads/2021/08/5-Manfaat-Kalkulator-Kehamilan-760x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Wed, 11 Aug 2021 16:45:37 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48514
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Review-Film-DC-Terbaru-yang-Siap-Rilis-760x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 61 KB
61 KB 528ms
526ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Review-Film-DC-Terbaru-yang-Siap-Rilis-760x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: 2668145cc661f3bf022bfa299ca6a6a337689892ec2430e34e6cff6e9beb399c

Request headers

:path: /wp-content/uploads/2021/08/Review-Film-DC-Terbaru-yang-Siap-Rilis-760x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Sat, 07 Aug 2021 11:25:43 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62055
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
H2 200 Kumpulan-Resep-Appetizer-617x400.jpg
www.jaditau.net/wp-content/uploads/2021/08/ 64 KB
65 KB 528ms
526ms Image
image/jpeg 103.243.172.195
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jaditau.net/wp-content/uploads/2021/08/Kumpulan-Resep-Appetizer-617x400.jpg
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.243.172.195 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS: marina.satu.rumahweb.com
Software: Apache /
Resource Hash: f9705ea647104254fba9bc49ba64e802928b94d3094cff630fd4f7be4f7dcfab

Request headers

:path: /wp-content/uploads/2021/08/Kumpulan-Resep-Appetizer-617x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.2018528716.1630986247; _gid=GA1.2.1342467287.1630986247; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jaditau.net
referer: https://www.jaditau.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:06 GMT
last-modified: Sat, 07 Aug 2021 12:27:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65856
expires: Wed, 07 Sep 2022 03:44:06 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
655 B 71ms
27ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jaditau.net&callback=_gfp_s_&client=ca-pub-9631499184029654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9631499184029654&plah=www.jaditau.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6de6ff31cb698955db3c7e02e1fb3badacb75374b7682335f6ff0b5702b4c457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF1F 97 KB
30 KB 312ms
311ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&adk=1812271804&adf=3025194257&lmt=1630986247&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jaditau.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986246611&bpp=478&bdt=62&idt=556&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5507381444474&frm=20&pv=2&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a0a8896b8b6f909f3d485452139fdf70df2a23c1c602ab47d326423eb8a5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9631499184029654&output=html&adk=1812271804&adf=3025194257&lmt=1630986247&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jaditau.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986246611&bpp=478&bdt=62&idt=556&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5507381444474&frm=20&pv=2&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Sep 2021 03:44:07 GMT
server: cafe
content-length: 30535
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Sep-2021 03:59:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 23ms
20ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1217467
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 68acefccfd574abc-FRA
cf-bgj: minify

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 145 KB
52 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53147
x-xss-protection: 0
server: cafe
etag: 6967682741169739163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A47C 26 KB
11 KB 404ms
404ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=600&adk=2734607550&adf=1812466437&pi=t.aa~a.2594507593~rp.3&w=278&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=278x600&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=3&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0&nras=2&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=H6Hj9PFSwe&p=https%3A//www.jaditau.net&dtd=13

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb18acc29839ec39b839ed6dcedbfca10c60045f0cb72949eae6a53954d2304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9631499184029654&output=html&h=600&adk=2734607550&adf=1812466437&pi=t.aa~a.2594507593~rp.3&w=278&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=278x600&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=3&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0&nras=2&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=H6Hj9PFSwe&p=https%3A//www.jaditau.net&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Sep 2021 03:44:07 GMT
server: cafe
content-length: 10742
x-xss-protection: 0
set-cookie: IDE=AHWqTUlSsco16XP_7F-WzSuRoQcAycwbpZOATe4uWdB7jyGWRdyM3kwhFWyw2sbW8BA; expires=Sun, 02-Oct-2022 03:44:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:07 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D60 122 KB
39 KB 649ms
648ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b805ed2beccc8691a4b33a62570a07612f0ccd847bdd11464c26cd648bccd91

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPicr5_56_ICFWRI5QodXv0MeQ&gqi=B-A2YeLCI4q03gOjoLjoCg&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPicr5_56_ICFWRI5QodXv0MeQ&gqi=B-A2YeLCI4q03gOjoLjoCg&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Sep 2021 03:44:08 GMT
server: cafe
content-length: 39436
x-xss-protection: 0
set-cookie: IDE=AHWqTUkdSRxvM9UlmdAyK7qqUkPPHiYtU17N-uV5N_8avJfSegGQGAdLuZdI_8TTNz4; expires=Sun, 02-Oct-2022 03:44:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:08 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BF0 123 KB
39 KB 545ms
544ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46042276eac74fe9bb3fbdaf21259df1ee9a477ee1f73c61a7cbc5b960b5612d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CODqr5_56_ICFRfkuwgdICoBOA&gqi=B-A2YfKFJJSS3gOSiYWICw&layout=/sadbundle/%24csp%253Der3%24/16969535942247343020/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CODqr5_56_ICFRfkuwgdICoBOA&gqi=B-A2YfKFJJSS3gOSiYWICw&layout=/sadbundle/%24csp%253Der3%24/16969535942247343020/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Sep 2021 03:44:08 GMT
server: cafe
content-length: 39414
x-xss-protection: 0
set-cookie: IDE=AHWqTUmB521whVEsHIQ2DgKZmBaHLXaxmSElCGiSa1EUJVMDPjUZRsBiAJA8oBarIhE; expires=Sun, 02-Oct-2022 03:44:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:08 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jaditau.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/ Frame 1F49 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Sep 2021 01:23:17 GMT
expires: Tue, 21 Sep 2021 01:23:17 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 8450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 1F49 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:14:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 1F49 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:21:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F49 122 KB
37 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 1F49 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:15:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 1F49 26 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10845
x-xss-protection: 0
server: cafe
etag: 14737611871312058204
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:40:48 GMT

GET
H2 200 3817926683774932297
tpc.googlesyndication.com/simgad/ Frame 1F49 39 KB
39 KB 8ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3817926683774932297?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLbjU-IkyvEV21V7hDvDm5YOc2iA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a72ecd9cfaf93b5d069ad088590545585ac1cf2c9bde2e35c5033c4c17ddcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 07:12:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Jan 2021 22:28:22 GMT
server: sffe
age: 73892
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39683
x-xss-protection: 0
expires: Tue, 06 Sep 2022 07:12:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F49 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSv0OB-A2YZSiDJvJ7_UPoMKv4AWT_IS0Yea9h5P3DJaCzYWIFhABIJWs8U9glQKgAfWSzY0DyAECqQIXGTe1yuqzPqgDAcgDyQSqBKgBT9CRGrbkbizdJhN6QAnoXienHnr3OSiEsS2pJ7DW8SmwfRy1F8Y6kZRVIkjmw_T28yxHU-eXU3klRvgzh76m4EDPNEpC_ZCUujoXdE8MBTgA1Pwzj_TjDEoZ2uPLOkznLqmJ2s8-Ru2gTYfwldrHLwheRsznKF4M2MjVMaSUdw4TwejBpwoLIqOFm9s97c15Q9o4YZS5I_uvl3LKTXQ6QKOej66g-Xw_wATkl6uCzgKSBQQIBBgBkgUECAUYBKAGAoAH8-yycqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ5YMB0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk2MzE0OTkxODQwMjk2NTQYAA&sigh=47pgHVGp2LY&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Sep 2021 03:44:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 48FE 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Sep 2021 03:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 48FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlmcbVK6gCIhuzjmSahsnEgRIvBgBHu8srXpWIAUmkKS9fVt-EWIQRZUJY04No
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:07 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 07-Sep-2021 04:44:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:07 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1F49 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22165bd3827372938e5bf1d356f9098775ac09577a4573e4be040bb58adcc452

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 78E4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B44E 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI7cDB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEoQFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXGKw5aV9OMOVWAVJkWI32-lzGYAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk2MzE0OTkxODQwMjk2NTQYAA&sigh=eww7f9UTmWM

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=600&adk=2734607550&adf=1812466437&pi=t.aa~a.2594507593~rp.3&w=278&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=278x600&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=3&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0&nras=2&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=H6Hj9PFSwe&p=https%3A//www.jaditau.net&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Sep 2021 03:44:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B44E 0
0 29ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gaee2vxh8spmpbz6jn0k34xm3vd3ms7cpbh48p4v78hb8fqyc9g67jr3x7svq1q6hphv425px81fgtpzhpd0s4ehpdj9zk7et05atkgryjabews6tqxx89nrv5e88nskfvfpwqwcdkxkvn4757cv4x4vq3bq0rt9dxx7pr71rzws5f7g8g1wmc4eyt4j0a30t0zgwcxspw7ny3wzrttb30xw5ha2y4hzpn8k0c5t3kae68ys1e07mthe6k50hkq4by4n2nb7p6fypce13e1e3ntvdqzt3es8jvaa4qq38932kv8js311x73x46tgbdrjxrn2mh1v87gx4j3nxrjc4zwjwbccf06v0mb9mjcp7nnw9g0p2m895zk5eg0by33jjfbf68c0r&b=YTbgBwAIt-cIu9deAAQOdX5V5eLmtFP5CVIyRQ
Requested by: Host: www.jaditau.net
URL: https://www.jaditau.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Sep 2021 03:44:07 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame ECB7 2 KB
2 KB 37ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=600&adk=2734607550&adf=1812466437&pi=t.aa~a.2594507593~rp.3&w=278&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=278x600&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=3&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0&nras=2&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=H6Hj9PFSwe&p=https%3A//www.jaditau.net&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ab554767d6d1f78c446a686a033972e6d26df8a67fda29b50eb51db3391f9a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68acefd1eeb24339-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame B44E 2 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:21:29 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 71A1 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Sep 2021 21:06:15 GMT
expires: Tue, 07 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23872
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B44E 122 KB
37 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame B44E 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:15:16 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 71A1 35 B
464 B 26ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPCAi6mE4S0p8BlGR1sAI2w&google_cver=1&google_push=AYg5qPI1rVVbZWZ7NkLAH2zflhWiOFXzjZQoJFOd7sbScGUcZDniMM8c4PpqV1Eg2aaaACkjuBcPqsRyASZhavk9NJ7ShvAioPo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEDhFhkTRmRXs4jKFzMe6HsQ&google_cver=1&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE&google_hm=Q0FFU0VEaEZoa1RSbVJYcz...

170 B
188 B

42ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE&google_hm=Q0FFU0VEaEZoa1RSbVJYczRqS0Z6TWU2SHNR

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Sep 2021 03:44:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKAob3N1s-06Yx29ZhNkM8kf55k7doddkduGx04XCDeWTvUFLD1idM7pjLgM3PEmnaafzVuPyodfmnmkJPyk1eMOQmoyeE&google_hm=Q0FFU0VEaEZoa1RSbVJYczRqS0Z6TWU2SHNR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPICgHADr3gWnxq8mgAbjgvPlzaNaW5XUhOKW2wSE4taqtuq8-dRZWbjA46d_ayELyWq59GWIanriF6FuLSr-u5FOpXi2NM&google_gid=CAESEPMr5iuUx8bBIZY8FNcuZxQ&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIjA24kGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJQ2dIQURyM2dXbnhxOG1nQWJqZ3ZQbHphTmFXNVhVaE9LVzJ3U0U0dGFxdHVxOC1kUlpXYmpBNDZkX2F5RUx5V3E1OUdXSWFucmlGNkZ1TF...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY0VZZ2tRTGZiaG9ubWprRlh1SHIxNjVMUnV5U2Frekpic2E4Q2pIbXFoYw==&google_push

170 B
232 B

30ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY0VZZ2tRTGZiaG9ubWprRlh1SHIxNjVMUnV5U2Frekpic2E4Q2pIbXFoYw==&google_push

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Sep 2021 03:44:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY0VZZ2tRTGZiaG9ubWprRlh1SHIxNjVMUnV5U2Frekpic2E4Q2pIbXFoYw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEJSYWWrMJEa94XY-zuO7y8&google_cver=1&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4
https://rtb.openx.net/sync/dds?google_gid=CAESEEJSYWWrMJEa94XY-zuO7y8&google_cver=1&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&google_hm=4VJ-3lcsyo0P8e4wiVYQIA==

170 B
188 B

54ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&google_hm=4VJ-3lcsyo0P8e4wiVYQIA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:07 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLKZOD93ynwLevFl7vaRRNCNEZvzsBfqlb0C3ddpeqj_lBjyri8U9BrUUi7b96veoFneD4BufrAzEhoofeX-sDQ35Dv0D4&google_hm=4VJ-3lcsyo0P8e4wiVYQIA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: avrg8f4frp19asbaijbjclm7c12jp0kb

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oZ8O_EH4RP-CBi4mbDarBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

28ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oZ8O_EH4RP-CBi4mbDarBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7uwRqXIueTjraMs693FlhkHAEHagB7EV-OXOsQf6_Qt20Yww6Q6Yyr2ccGiDeheW0yV-8mvc1ti9gfU5kH1G9ePIcRVI

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oZ8O_EH4RP-CBi4mbDarBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7uwRqXIueTjraMs693FlhkHAEHagB7EV-OXOsQf6_Qt20Yww6Q6Yyr2ccGiDeheW0yV-8mvc1ti9gfU5kH1G9ePIcRVI
date: Tue, 07 Sep 2021 03:44:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMzg3868g9K2_UXJJAtai8&google_cver=1&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7a...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Q5SjNOOTEtMVctQ04w&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7aaYDxdYPAXpFOGAl5a2A0ZK-g

170 B
329 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Q5SjNOOTEtMVctQ04w&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7aaYDxdYPAXpFOGAl5a2A0ZK-g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Q5SjNOOTEtMVctQ04w&google_push=AYg5qPLhBwScRapk8mZk3GZw1JN37WTdvJQqCcnpnO2o-9l4p6TvCnVqQU_EGy4Q9vy_Sdpjz7aaYDxdYPAXpFOGAl5a2A0ZK-g
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 71A1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpms...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 71A1 0
253 B 84ms
27ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lwj125CM_etsbREtOo4uwaEi_p1hzms_8ERPi1fc_jZUBqc8JqK0Y3xs8EKhPlr7MRMfht

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B44E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01e9f34c8133f1351f81e2cfd3069f360c4260a19c5f92ca2c8ef482211ba4f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame ECB7 64 KB
8 KB 28ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 474809
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 01 Sep 2021 15:50:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 68acefd24a252b22-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame ECB7 36 KB
13 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79884
x-guploader-uploadid: ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 31 Aug 2021 05:18:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NfaVrx6buSm8o%2Fiqd2q6ISGGCD7JLuZuSxo3ZYM9t4Fes7U2VIUbjHkYcEGdsI6FDb3IfFHikZvaYd2k%2BojL7ZkoCc5a4BMQSFJS5F6rxgGqN4vIzTtWUewfDUCAzFdUgtJsXg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Mon, 06 Sep 2021 05:32:44 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 68acefd23f394339-FRA
cf-bgj: minify

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ECB7 3 KB
4 KB 29ms
13ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7743866
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GxW7Alb4Yb0dIruC4KAFe7%2B31ar5CupOgTEOczaWbVywSg3Wcb8PEjk5N%2BHx8hGbnVaU57ooL8WEc5NRXIoR7qHHLVsW%2F7OuSVmvIQ1S5KxT65cQismjxp%2B6BKsw3y6mspVyh4LKd5EE0OJqsqf3aOr%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 68acefd28c694dfa-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 076A 2 KB
2 KB 14ms
14ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 07 Sep 2021 04:44:08 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1147689
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wKKDjuV9ZTdO4T2QSDNBFfCZcsz5NUosAG1vtkwlSMKrUNW1VoiACotIWUDocY6amspjesuY7fU0gNrfwJFeQ3AgZOlrC9qBmN4De4YS5GkicquCM4V3fuFhCUhE6f%2Fjhm0YYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 68acefd27a592b22-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame ECB7 1 KB
2 KB 26ms
25ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a942d8626948be0cbc1dc37925ff7ba469790f3002037ed82b2cc28285c36011

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 68acefd2de0a4de8-FRA
date: Tue, 07 Sep 2021 03:44:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5abMzpg%2BlgdgQJB%2FZopCBPKGItt%2FjK%2BJYql208noY3dm8hTxZar3Uk2bnKT8mrGVdzE4RvRIg4TubEWWH5t6uNMzra3QXoBCln1bOePdpEh4o2b5WW0Dr24PjlZ5YsuONiYFrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-ms1b

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 34ms
24ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-ms1b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCuRyD%2Fe2f5AwXCNEvTMxaG5Tq2%2BpLH0Df8iwRgVFUWMUZYGc0Qs4xqeU78Qdrkd4d5GpvMLcBD1KR0ae%2Bw9liA7FwbVq4aTBjoniMhpBGXnvVCAMKyoaNJbRO2ybBG%2BO37SbRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68acefd2adcf4de8-FRA

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 65 KB
17 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2b6b2ad63a3bc5d0aa508fb167895565cc4dad4646b6052ed3e55707e728d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16969535942247343020/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 05 Sep 2021 14:38:16 GMT
expires: Mon, 05 Sep 2022 14:38:16 GMT
last-modified: Wed, 12 May 2021 22:44:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16884
age: 133552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC1D 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvZdyB-A2YaDLJJfI7_UPoNSEwAO58-6fZObK2Yj7DemR2bfxIRABIJWs8U9glQKgAaLk0vkCyAEJqQIXGTe1yuqzPqgDAcgDSKoEsQFP0McEPCDk7jyFOJXOaR7e6vAn8B4kVtIEgTht5v2_nqKjn4jE4sJLKnZInjVq9Z1F-FEBpIcmLF_M8B4NmwlUy-IrmOO34DKNTRa83AXkftCO2pmYshHVPaXdAu6bN2mXQpUr6YKTrxgi1vACnbOjrgYgJzK9MnA9KaXag4oSnJAPB7TC3RoBig_5_pyqZjmOG6_-Y2mm-HXutyGQzp-LWJ9jURdssbzS_hxU8ZDPINLABMXBo76nA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfGm62GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQl9wG0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTk2MzE0OTkxODQwMjk2NTQYAA&sigh=ywUz_vJ4Jz0&template_id=419

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Sep 2021 03:44:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame FC1D 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:14:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame FC1D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:21:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC1D 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:08 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame FC1D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:15:16 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C555 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmB521whVEsHIQ2DgKZmBaHLXaxmSElCGiSa1EUJVMDPjUZRsBiAJA8oBarIhE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=1&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600%2C431x280&nras=4&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=661&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Kj5QKxOfpS&p=https%3A//www.jaditau.net&dtd=41

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Sep 2021 03:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame E876 6 KB
3 KB 18ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48be30e647c719e464aa485b57b8ec7cf9d7d20f6e329663f5c6209ddf98ba89

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://as.ad4m.at/ad/dr?ed=1gafktqj4n7qzmw5mqh02jygej8erz2tfqg1yyk1ktzxee38ster7eenvwht08vkeh2d63edfkvx85d8sxbcch2t23z8cwrhq7kg1m34qpnw380c36d6ehd7swa1dtk5qddryq3vceswm7cnte2hh7eatnqkstvkdv30pbpaeaeg4t6pjr09dzw4vykqeanh07359dx8dn6yqtgnpcmf58t90c7kq6kbfvazt3w64p1855w825swn6xkzyc95q4q81ccb0t7fxeg3er0vcmad9q2jgvj3f30xb2e9qefhesghpp1gkqg2pd0araqp2cedec1ncg95dy3qhzd37t73dw9gaf3dffwnkv990a3p5pw2mfvqhzrbvcxmq7cfdftn6y9fn0dy6jbf3caty0rg7mv&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%26client%3Dca-pub-9631499184029654%26adurl%3D

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68acefd30b022b22-FRA
content-encoding: br

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame FC1D 0
20 B 42ms
29ms Other
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CODqr5_56_ICFRfkuwgdICoBOA&gqi=B-A2YfKFJJSS3gOSiYWICw&layout=/sadbundle/%24csp%253Der3%24/16969535942247343020/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3BA0 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 14:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Sep 2021 14:07:09 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3BA0 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Sep 2021 01:39:59 GMT

GET
DATA 200
OK truncated
/ Frame FC1D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15ca6bed19f3b7b9d50cb1dca5cea41334e963d1a8c063002ce858f92feef21

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame E876 64 KB
8 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 474809
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 01 Sep 2021 15:50:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 68acefd35b732b22-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E876 18 KB
19 KB 25ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 450084
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdumvVwftCZaUDg4JyePpeP1c3z56f6RH6WRvNuFaTKPfRWfHnsd4jeExjgH10eF4u3YrrcS8LQ7gjpFpmEqpC4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nir7B22e6K4I6a0VVqaQbaCJ0I4OdR8EZ5O6Xrhwj6so%2F%2FxisWhReAS%2Fsd9dNwYZuIQROJQj6ysyDv6JdNU2KzP8S430SbbuEUgd8LoErsUKub9BF41cXDCG88Vyl275cnRqyy8kshpAc8VT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 68acefd369a94339-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame E876 2 KB
2 KB 17ms
15ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457973
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdvP1yckua1Ub-neWjAMDQ1zNwEQIaeeRXiehWynPHdM35vOzdpwouUEnQmGBSxC5JmK_d2SS1YGy-h-thOxeaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szebJT0Z9Bm6R3DHyEX1fKIGSm3WQeWUkI8oZw%2BhljMeYV32l7pGFg6ymD9JrRmC8FdKCvkH6xMJK64q0RBnG3u5sQgtxYg5QuwVUXrKnBA%2FgTgc9OS69JeOprLqhUaSPVSfqLwC8SaHHhCe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 68acefd369ad4339-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E876 43 B
703 B 110ms
54ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Sep 2021 03:44:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E876 38 KB
39 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 450948
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdv8xGdUhKJVTHa5u-JP1fcTvDC-8No91Bt54c8hPuPQOaiHwQz6gVP1JkX6-dS-DidI9iyU04KZwaosxLGPqwI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8638ymLlRoeVGsf7BF4hwSoQcO9U%2Bfe%2BkkuRH2qdLGDBuXdMbtPM7Cauh9PKNS5EMizN2dWjXYh6GHBkpvCcskr%2Bk14dXCFTLV0jMWFuLDE9ULDJEKNcswFU32ea5iGdrYtUdalL5BkyRcYA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 68acefd369ae4339-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E876 113 KB
113 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 448651
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdsNl8SMchIlVq8_BtSU9Rv-uAQf8Kl9llren3bSTpWVhw_M042fDEhPuFG-X6Q1xGw1TpEitFCumJAsOOt2QiKO9Xdd0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7dLhD5bns6AKt16%2BrKBC4IO%2FDOzPA%2B7f7IkXVH8ogY5nTqqxfyJv4K5pfYALEQD3I%2FH0Y8J1CTon7yDJWpPEEmyucKT3cb33QuMIDhjQnZdmugKl%2FJKskDCk2zIddXkpjGh9CvCHXOqvwjB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 68acefd369b24339-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E876 43 B
704 B 116ms
58ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Sep 2021 03:44:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E876 8 KB
9 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 979212
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4%2BBRzBHdtRyTvaPXRGzc5PjkZoDh9lUJsg0MGEsfUuUG7qsKckVhyfaDln7STxWBEM1HuUEi3i3bY7DzfrCs%2BG252I8FAYyInpIiijDsx3QxGi5nRo3dJ5OpIB9TS%2B3nE%2B%2BI4NyxVpkcbzF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 68acefd369b34339-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame E876 30 KB
30 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Tue, 07 Sep 2021 03:44:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449187
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdtAEE7UcIDGIcl5lFfwe-rteQtDUoFYQPzB_kBMScP0-ewn95avT4tpH7GdCiM5XHzDwGGreqaj5uoqby2jutxraZZvoA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03sN4tNtvVyQQ3IwF2ZVmCL6tUJlFwLqDl0NOLjdrqTP98ZGfqlhYC8yfVs5%2FdP4MCoggRiVugFtN5%2Bw77RgPXcrRRdKCyJkeX77F%2BAcRvzIYd0bo1oTMLB4McXAe3FuVWNMPoABdaVR%2BMPc"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Wed, 08 Sep 2021 03:44:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 68acefd369b44339-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E876
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLGU2Z_56_ICFYZo4AodmnMA2w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630986248_db494421-0f8d-11ec-a1d8-692d067fb68d

0
518 B

95ms
29ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630986248_db494421-0f8d-11ec-a1d8-692d067fb68d
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=160&d=600&e=&g=ca0c81095ff09c06fb221fcf9deaf977%2F6895258951835853386&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630986248150&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kv80q4rzxt50k1we39b6v9zwexgxncwqb5m0mrjpymnhf4axyzkcevcbe5bs01ptt0yxsyp4173dpv0azw6nmz4jmr3s37f2jmrb3tfjvrcyw8003207wp4vdyp7hsk2x5qt6ggq3es2y02z84g79fzekv9ywzvdm9xymdkvmr4egjgat3wh4zhar8z9h0vtwgg8phnrj5m6fdey0d8dzczbv4agxavfwmqhb6q6wx0acbgtr4zhzbg82rvy0kcv95dqg1d14y34%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCK6yMB-A2YefvIt6u7_UP9ZyQkAiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTk2MzE0OTkxODQwMjk2NTSgAcKu6N0DyAEJqQI9-o_10e2zPqgDAaoEpAFP0E5Y3WM7ftpyeJjp2PgMJAO4Xw8Zc6ILrJRZOd6yR45xIP5PxQbxVwIGb7tbWA1dsyhNd9ICfyZ657VG5bQCoWTefFBywbymJuvmH754nGhNI5ae_jwFb-VkOx4kdOPXSMUATPrfaAy2AOj_cn-6DFZM2Z_Vy-9NOCyBGNPxUDguZpM39t1URDheUSmeXCCy6Deq7UTVkIIBB7h-SRtKDcCdhoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2nT_OVDj3AsT--_DJW7DHPqij0Qg%252526client%25253Dca-pub-9631499184029654%252526adurl%25253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Sep 2021 03:44:08 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 07 Sep 2021 03:44:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630986248_db494421-0f8d-11ec-a1d8-692d067fb68d
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C555
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkdSRxvM9UlmdAyK7qqUkPPHiYtU17N-uV5N_8avJfSegGQGAdLuZdI_8TTNz4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 07-Sep-2021 04:44:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BA0 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 8 KB
8 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/CANCELACION_DE.png

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 45217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Mon, 06 Sep 2021 15:10:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 15:10:31 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 10 KB
10 KB 10ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/CTA_DE_GRANDE.png

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 331067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Fri, 03 Sep 2021 07:46:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 07:46:21 GMT

GET
H3-29 200 TEXTO3ADULT_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 12 KB
13 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO3ADULT_DE_GRANDE.png

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2b1e7e485a1aa72118ae749b410a94e3aee5853dca9e5da49461081858d9b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12776
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Mon, 06 Sep 2021 07:12:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 07:12:51 GMT

GET
H3-29 200 TEXTO2_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 14 KB
14 KB 10ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO2_DE_GRANDE.png

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 330567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14459
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Fri, 03 Sep 2021 07:54:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 07:54:41 GMT

GET
H3-29 200 TEXTO1_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 12 KB
13 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO1_DE_GRANDE.png

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 44623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Mon, 06 Sep 2021 15:20:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 15:20:25 GMT

GET
H3-29 200 fondo300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 3BA0 83 KB
83 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/fondo300x250.jpg

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f88833455142494fd0080b47f654ac4535aab0fb5cbb04abb44ef4d66bdf5b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 319334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85229
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Fri, 03 Sep 2021 11:01:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:01:54 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame F6F1 11 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5442514344972767536/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2960
date: Wed, 01 Sep 2021 21:15:48 GMT
expires: Thu, 01 Sep 2022 21:15:48 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 455300
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 61D3 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT74SB-A2Ybj9I-SQlQfe-rPIB8j6xfJkj63StZwNloLNhYgWEAEglazxT2CVAqABo9awxAPIAQmpAo8KDDEY67M-qAMByANIqgS4AU_QmuVjIPoCFj5Ob32Ami9HTgYekzdrnBHwTMUlko5pxc9U1j6B5Fod4USCmxjSTYqqTZx1VJGf77Qw0hVkweBTfN-illF1uWSP_xaCXGJr9hD7wOJlHt4kPM8LMOnQ3xycG49i-GNCNiNndMFv00D5pd1Yilezg0A0ODvgmrh8hOR72_QoHxFrsnLFd8K5as_Pa8Bcq9BBQm-nw-uCNP6ioAORu_-qURe0RQbKaFJj1Z85ut942MjABK--kPuKApIFBAgEGAGSBQQIBRgEoAYugAfFqc87qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDClwvSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTYzMTQ5OTE4NDAyOTY1NBgA&sigh=rU16u9jbAVQ&template_id=419

Requested by

Host: www.jaditau.net
URL: https://www.jaditau.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Sep 2021 03:44:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:08 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 61D3 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:14:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 61D3 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:21:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61D3 122 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 61D3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 03:15:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 61D3 0
0 14ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0PWVNGfe-Y4HEW_9lFeRXEkDYvtbrReZcjrIwozwkyVDyLE--vJFVomK9jchLN2xSz3hgwwnmayyY-FfxA3o1x3NzFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3BA0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27D5 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Sep 2021 03:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 61D3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3491ddaac2a424dfef88e84fa582f32098d1a8c36580ef3df34d8da7e6091272

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F6F1 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Sep 2021 01:45:35 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F6F1 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 08 Sep 2021 01:39:59 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F6F1 57 KB
23 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:44:08 GMT

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 61D3 0
112 B 14ms
14ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPicr5_56_ICFWRI5QodXv0MeQ&gqi=B-A2YeLCI4q03gOjoLjoCg&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9631499184029654&output=html&h=280&adk=1994013442&adf=532360683&pi=t.aa~a.914490604~rp.3&w=431&fwrn=4&fwrnh=100&lmt=1630986247&rafmt=1&to=qs&pwprc=9101597223&psa=0&format=431x280&url=https%3A%2F%2Fwww.jaditau.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630986247545&bpp=1&bdt=996&idt=-M&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D66c86d645d25e566-22bc8ca6e2ca0068%3AT%3D1630986247%3ART%3D1630986247%3AS%3DALNI_Mb50dS7NWe-bKt2vI5pJsWh3NAnSw&prev_fmts=0x0%2C278x600&nras=3&correlator=5507381444474&frm=20&pv=1&ga_vid=2018528716.1630986247&ga_sid=1630986247&ga_hid=1190219997&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748552%2C31062297&oid=3&pvsid=3546512337045507&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210831&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jgK5t7iVqX&p=https%3A//www.jaditau.net&dtd=32

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 07-Sep-2021 04:44:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Sep 2021 03:44:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Sep 2021 03:44:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame F6F1 906 B
935 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 59433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Mon, 06 Sep 2021 11:13:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 11:13:35 GMT

GET
H3-29 200 1ad6b5aa39cdeb703ff094f477328c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame F6F1 38 KB
38 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/1ad6b5aa39cdeb703ff094f477328c96.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 60835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38697
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Mon, 06 Sep 2021 10:50:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 10:50:13 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame F6F1 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210901&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746c6e9e3e134451a4adc96069226a23eead3e842280475a3906da62c8611c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8604
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 03:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 07 Sep 2021 03:44:08 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EAD9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 06 Sep 2021 22:24:50 GMT
expires: Tue, 06 Sep 2022 22:24:50 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7DF 783 B
533 B 19ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5823eaa141c541d792d4337462c0300e670593557f19d0c4ab844322275fa19a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WWBjQ6auj2h2lCg4EQ5Jag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jaditau.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.jaditau.net/

Response headers

expires: Tue, 07 Sep 2021 03:44:08 GMT
date: Tue, 07 Sep 2021 03:44:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WWBjQ6auj2h2lCg4EQ5Jag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame EAD9 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210901&jk=3546512337045507&bg=!urmluf3NAAYJpm41CaY7ACkAdvg8WmUo1BoJkK-LiYkYaXfVSPcNyz_1dmax7dn0hjYX6SvyMqoySQIAAABvUgAAAApoAQcKAMfgS5bJNaGqZ80XC3ObjKaog5WUg6lhohxM54336RNJCDMajyi5HxWUc5kdvhwBshgBgGfwTXwBDY1AoUlANetYz7QZoekzHWdsMVBK881V5aIuHlXTYctdNneIR0OI2hOUp4Q_KOvfGWPvP1oDH2xujuqYP5wTV_wENNgIfKEyCNQh0dGNRY8yTIpJGQphvBStkNWZtp8R-GetwN9DBq3wUMLoXVNOQU_PBIUIHezL6XFcQaaLHFdhsqINrj0cP7nQsnzTeogemQJ00tx_aGBmrwayS28HiKA7h36PzWS38Aa29PSFRGob4q66u4Wev_ytxsInIyV7PIMcwoAdbipNSO5PBo8V82GZAi4vlgHnBR7MUvZR-IAm1reIjsT580GtVuhQHXxMhQvsHd_u1TuXoFLjl-Fc-mdVUMeNhRJq0j9FVbxWs0M0agrSWA911nhy8jdtoNPPLWewBCuC4TuTb8bYlngfEf3_7r-WAnIDZPR_Ny_EWoqlOa4fHcZ0d90U02wXjD9SyxGEBvn9sI3fPeB3mWtuOHeClfBu9VoBLDolAe_0p_V7izNcRCEPrTedWepA2_CuO3uJvA1YnfjqP7SiGEumLChdDxfRYrIc28KOhMotfa0cMW4ausjlQ2xydDe21hDp2Q1kycWzNZwITEvUqzQ5tpklXewkLZkQlqEZGdlgyBxybcaibLZ_RZ2ndGXOoSpYpm7Q9L7_IFCMRFIgENBVk38oJnoTg5PytExolsv7PjU6IMGg031wDwLuEG6Bv0Uv8Z5VAPDgOGD_iASndRDIN9ErLSpvEFmgwhxc4P0H66hdTPSrlkTdZ9tC7yP1o8_E09EILuzZOj8xrzGmYHU_LyqDG2fokIpEunPB9bnN4BhcGtAQVG6GEs0GiUGtB2A7VftL5FxDfygInj3K_M5OSZtU0srZDG02UR7nQ6U3c87ERy9GkwAAJbNhfCgxT0rprZ17508gtEtC39jkX5Nauh3tWuyrZeppjN3ZeQAnBOVyl8_GlEuoMnw8JfQT1PPPwpS-OVOPUZOOcjPEWiRQ_KvLHwf4l1BKOpSjqNb_I4U4VwDq584rtXGjALU_mK0iKF8DGI_8ZA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jaditau.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F49 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMb_csFgkpGxsTg68jmFiNzXN4F7nx6vu8ywk3hY-ZzhOQ9_yC9r-A1_-j5ktJxcZEu7J37Dxl3-wpkY-0xTVk3EAAvoIj2DhNDJH-NhX4bSFbrewSR7V7qxo1xA&sai=AMfl-YQIeIyM4z8sAzVHrioXpJM4Nze3WGp8I8Mu3GtwYlc3rqOhCQV68AZd75rT3zG3iFJ_jsMC2__7O-E1&sig=Cg0ArKJSzNWZ19FiHhz4EAE&id=lidar2&mcvt=1000&p=1100,298,1224,1303&mtos=97,693,1000,1131,1282&tos=97,596,307,131,151&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630986247622&rpt=104&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 03:44:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.adpxl.com
URL: https://static.adpxl.com/adpxl2.min.js

Domain: v1.sosiago.id
URL: https://v1.sosiago.id/js/tracking.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTbgCDQItHUWtAatn_uzrAAABLoAAAIB&google_gid=CAESEMwbwKvoeRmL5yU7ouIS59o&google_push=AYg5qPIO2lGb7TEGyjAg7SrBFYAJBeeU2peTq2vFTiaL4wSQpmsc1sF3FsgqTXzH_s2N91WXIcGyhjQ9YglB_yec_Iuz8C6xj-A&google_cver=1

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 21:03:09	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 14:34:18	Name: IDE Value: AHWqTUkiKx7vciUC7ABlYpscstZli_0sapmMx3mE_Fpw4vseNUStyRhp9_YPIoiE68g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.jaditau.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
lh6.googleusercontent.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s0.2mdn.net
static-de.ad4mat.net
static.addtoany.com
static.adpxl.com
tpc.googlesyndication.com
v1.sosiago.id
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.jaditau.net
cm.g.doubleclick.net
static.adpxl.com
v1.sosiago.id
103.243.172.195
104.111.239.217
142.250.184.194
142.250.185.98
142.250.186.166
148.251.139.77
18.195.172.136
185.64.190.78
2600:1901:0:76b9::
2606:4700:10::6816:46c5
2606:4700:10::6816:47c5
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2004
35.227.252.103
35.244.174.68
69.173.144.139
01e9f34c8133f1351f81e2cfd3069f360c4260a19c5f92ca2c8ef482211ba4f9
023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08a91f7572dc0786b5c9e22944ab78d44b58f6178b404572552761e2d6ece431
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
16368645110ed92bc7e129fbdc8a439ecdc32e11285ab3f8fcfa121a0167b6c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d6b5843ab83d6d615ca804e5fcd6e141251c43164c6aa1e3dc8a82da5fd2c72
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
22165bd3827372938e5bf1d356f9098775ac09577a4573e4be040bb58adcc452
246bc91c6e87d9258c7b7a64ab20c253cbdc3f8f46ae6449ff5e7e7f2f1d3c3b
2668145cc661f3bf022bfa299ca6a6a337689892ec2430e34e6cff6e9beb399c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2
3491ddaac2a424dfef88e84fa582f32098d1a8c36580ef3df34d8da7e6091272
39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54
3b805ed2beccc8691a4b33a62570a07612f0ccd847bdd11464c26cd648bccd91
3c7978244b79733fcaddc71ac24d75ffba9400f505e6ee471060995399401a9f
3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3
3d4e602cc9be5f0349f7ca875b276429e707d5a9045467b280c2b76f5bebb964
46042276eac74fe9bb3fbdaf21259df1ee9a477ee1f73c61a7cbc5b960b5612d
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48be30e647c719e464aa485b57b8ec7cf9d7d20f6e329663f5c6209ddf98ba89
4a72ecd9cfaf93b5d069ad088590545585ac1cf2c9bde2e35c5033c4c17ddcd6
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a
54651f13de5a67ae9a41a461d8520e2ed2d25d17d94ee64c93f6c9e58323eafd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5823eaa141c541d792d4337462c0300e670593557f19d0c4ab844322275fa19a
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5b2b1e7e485a1aa72118ae749b410a94e3aee5853dca9e5da49461081858d9b2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6262de3579e7848d3f2b15909fee3ed3b29d6078d5cb30c7e4b672bb0f03739a
640843b5506f48602e91d99837cc9bf299fcca3455648ab0892a3262c0c8dd96
6856af1b20157893615894a02c5bc6980a56c04db3d26b68bd915d2c4d7a4881
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
6de6ff31cb698955db3c7e02e1fb3badacb75374b7682335f6ff0b5702b4c457
746c6e9e3e134451a4adc96069226a23eead3e842280475a3906da62c8611c88
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86a0a8896b8b6f909f3d485452139fdf70df2a23c1c602ab47d326423eb8a5d4
880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d572ffbb369a5792dfc86dcb367e21ed90067dfa0dfffb0287b2c6b56adaec1
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f2b6b2ad63a3bc5d0aa508fb167895565cc4dad4646b6052ed3e55707e728d4
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
92c99e2cf4c06b688a835a1aec1699c099f7977b5cca773fb41821d57b4e8e72
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f88833455142494fd0080b47f654ac4535aab0fb5cbb04abb44ef4d66bdf5b5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15ca6bed19f3b7b9d50cb1dca5cea41334e963d1a8c063002ce858f92feef21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a942d8626948be0cbc1dc37925ff7ba469790f3002037ed82b2cc28285c36011
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1
b1ed96501f76469434bfbfd2affea996b888b7f23cc76b7e3b99eb5bb2e90c17
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8de3c5f443a82c55fa9ea36d38496578ea616a09c58027f92f4809d6a0e0460
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c0ab554767d6d1f78c446a686a033972e6d26df8a67fda29b50eb51db3391f9a
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c94748df1f0dd68d3e4dfd2d340a4946ce4d2f05d08b964e0a8617932e664828
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
ce74a6f2bc7e3c3039030dd7e85cf35293803995dcaa5e11d0ea56bc2bcca04c
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d24a9d5d6ec8fb080c2d0ab7c4e27cf450687ddb3b5331bfa19789fe316d1b09
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d739f4e9502d3c672029d4580ddff6e52872660508cc4b3f5c2eb2735c66a466
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1edd8bd152ea994db792861bb3300434be689e4fb150aea2cb384f729fd41
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b4d7ec64771479e036cd1c46f0f71838e3ffbc01cbc4c16af78904941809c5
f79382c75b1b87a9c80d903a771e1db9e3987b39c6645c203b4709e9c4c0dd3b
f8f50f610cdfbc5dd023cc2738af889ea8b582e00fcfa16c4584cfda7fa3cf92
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f9705ea647104254fba9bc49ba64e802928b94d3094cff630fd4f7be4f7dcfab
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdb18acc29839ec39b839ed6dcedbfca10c60045f0cb72949eae6a53954d2304

www.jaditau.net Open in urlscan Pro 103.243.172.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

98 %HTTPS

69 %IPv6

25 Domains

32 Subdomains

30 IPs

4 Countries

2180 kBTransfer

4197 kBSize

2 Cookies

8 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jaditau.net Open in urlscan Pro
103.243.172.195 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

98 %
HTTPS

69 %
IPv6

25
Domains

32
Subdomains

30
IPs

4
Countries

2180 kB
Transfer

4197 kB
Size

2
Cookies

149 HTTP transactions
6 data transactions