urlscan.io logo urlscan.io
SecurityTrails logo

f.pondit.xyz Open in urlscan Pro
142.132.255.53  Public Scan

Go To Rescan Add Verdict Report
URL: https://f.pondit.xyz/
Submission: On March 10 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 115 HTTP transactions. The main IP is 142.132.255.53, located in Germany and belongs to HETZNER-AS, DE. The main domain is f.pondit.xyz.
TLS certificate: Issued by R3 on March 9th 2024. Valid for: 3 months.
This is the only time f.pondit.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 142.132.255.53 24940 (HETZNER-AS)
3 142.250.80.42 15169 (GOOGLE)
10 142.250.65.194 15169 (GOOGLE)
18 154.26.157.28 141995 (CAPL-AS-A...)
1 104.16.124.175 13335 (CLOUDFLAR...)
3 142.251.32.99 15169 (GOOGLE)
23 142.250.65.161 15169 (GOOGLE)
4 34.86.179.162 396982 (GOOGLE-CL...)
9 142.251.40.98 15169 (GOOGLE)
3 142.250.72.99 15169 (GOOGLE)
4 23.56.162.28 16625 (AKAMAI-AS)
7 23.56.212.28 16625 (AKAMAI-AS)
1 35.244.170.237 15169 (GOOGLE)
2 23.199.49.202 16625 (AKAMAI-AS)
1 104.117.182.144 20940 (AKAMAI-ASN1)
5 142.251.40.225 15169 (GOOGLE)
1 129.158.248.135 31898 (ORACLE-BM...)
1 23.44.201.214 20940 (AKAMAI-ASN1)
1 1 142.250.80.34 15169 (GOOGLE)
1 142.250.80.36 15169 (GOOGLE)
115 20
18    142.132.255.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.255.132.142.clients.your-server.de
f.pondit.xyz
analytics.followingbook.com
3    142.250.80.42 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net
fonts.googleapis.com
10    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
securepubads.g.doubleclick.net
18    154.26.157.28 (Sydney, Australia)

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: vmi1119751.contaboserver.net
followingbook.com
1    104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
fonts.gstatic.com
23    142.250.65.161 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f1.1e100.net
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
tpc.googlesyndication.com
4    34.86.179.162 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.179.86.34.bc.googleusercontent.com
rtb.ads.us-east.travelaudience.com
9    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net
www.gstatic.com
4    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
7    23.56.212.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-212-28.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
c21lg-d.media.net
cs.media.net
1    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
2    23.199.49.202 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-49-202.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    104.117.182.144 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-144.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
5    142.251.40.225 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f1.1e100.net
cdn.ampproject.org
1    129.158.248.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
1    23.44.201.214 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-214.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
1    142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
32 googlesyndication.com
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
334 KB
21 followingbook.com
analytics.followingbook.com
followingbook.com
58 KB
15 pondit.xyz
f.pondit.xyz
2 MB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 759
warp.media.net — Cisco Umbrella Rank: 2956
lg3.media.net — Cisco Umbrella Rank: 7803
hblg.media.net — Cisco Umbrella Rank: 2396
c21lg-d.media.net — Cisco Umbrella Rank: 2378
cs.media.net — Cisco Umbrella Rank: 1312
113 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
313 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
132 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 397
104 KB
5 travelaudience.com
rtb.ads.us-east.travelaudience.com — Cisco Umbrella Rank: 46426
static.travelaudience.com — Cisco Umbrella Rank: 26381
209 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 805
mb.moatads.com — Cisco Umbrella Rank: 985
px.moatads.com — Cisco Umbrella Rank: 679
114 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
2 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 24134
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2394
43 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 709
3 KB
115 13
Domain Requested by
19 tpc.googlesyndication.com f.pondit.xyz
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
18 followingbook.com f.pondit.xyz
15 f.pondit.xyz f.pondit.xyz
10 securepubads.g.doubleclick.net f.pondit.xyz
securepubads.g.doubleclick.net
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
9 pagead2.googlesyndication.com f.pondit.xyz
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 contextual.media.net dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
contextual.media.net
f.pondit.xyz
4 rtb.ads.us-east.travelaudience.com f.pondit.xyz
rtb.ads.us-east.travelaudience.com
4 dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.gstatic.com f.pondit.xyz
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 analytics.followingbook.com f.pondit.xyz
analytics.followingbook.com
3 fonts.googleapis.com f.pondit.xyz
securepubads.g.doubleclick.net
2 hblg.media.net dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
2 lg3.media.net dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
contextual.media.net
1 www.google.com tpc.googlesyndication.com
1 cs.media.net contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 c21lg-d.media.net contextual.media.net
1 qsearch-a.akamaihd.net dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
1 px.moatads.com rtb.ads.us-east.travelaudience.com
1 mb.moatads.com z.moatads.com
1 pxlclnmdecom-a.akamaihd.net contextual.media.net
1 z.moatads.com rtb.ads.us-east.travelaudience.com
1 static.travelaudience.com rtb.ads.us-east.travelaudience.com
1 warp.media.net dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
1 unpkg.com f.pondit.xyz
115 27
Subject Issuer Validity Valid
f.pondit.xyz
R3		 2024-03-09 -
2024-06-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
analytics.followingbook.com
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
followingbook.com
R3		 2024-01-31 -
2024-04-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
rtb.ads.us-east.travelaudience.com
R3		 2024-02-22 -
2024-05-22		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
static.travelaudience.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://f.pondit.xyz/
Frame ID: 51B67FC85842436887B8360700D303DD
Requests: 50 HTTP requests in this frame

Frame: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F59DCF89A7487923CCB08FA560EF5414
Requests: 1 HTTP requests in this frame

Frame: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C2A34CB265884668E8A8B43ADD52C40
Requests: 1 HTTP requests in this frame

Frame: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8369B0CF29396AC047A4FEE8F62DEBA5
Requests: 4 HTTP requests in this frame

Frame: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Frame ID: FE1751C53533B1900622B6DE39231323
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js
Frame ID: 3692CAA10BC806D559FF4B4ED3B1A7C8
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: C49F95206A739D9D44A40579330677E4
Requests: 7 HTTP requests in this frame

Frame: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBD74322AC66C6E2BB3BF17C7D2D44BD
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gZnWy8mTJh2nv19RYTdHYGEDJC1_M9D7HOMBQELlJo4.js
Frame ID: 89D9B3DD14DB2437544EF489889DDF43
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3509&&kkdd=Hu%7CH%7Cn*9A&7o=F-FKKNwttNtyKV-LK-u&9(Qk=K&UPQaeO=t&YPQg=K&!(7=FFuK&.P!a=)yVy&!o(=u1X-d--FM&!Q!(=d!29c_pUvfMp5Fvv0kkf!H%3D%3D&!ko(=yuwFVFtw-&Poha=VKK_twK&!!=Xr&P!=1R&!6eY=B*44R1)M&Qo(=uBiL-JjVr&.Qo(=3FMVLLu&6..QP=F&kkk=.hJ06)!I0)vV6G_-5-oyd7BMIaq5*e!1&ePa=w&IH=F&U9(=y&g(.F=u1XXNflus&g(.t=FwwNtFtwy&m(g.g=P(t%3DeUIInoUkIvI%3DFKnm6v!QY%3DFnc9akQY%3DK~Fn(cYvm%3DK~wVnP!(%3D!gnkga%3DK%2CK%2C0Fn(cYvI%3DtKn7ItkvP(%3DtKtyKVFKFtnoUkIvm%3DwNw~KwnUkIv.C!%3DKnUkIvktgvm%3DKnP.(%3D-NVuNyL-KnYevma6vmccP.%3DK~yLnkg.%3DK~KKK%2CKnoQ%3DFx!-R!nOmm%3DFLnm6voY%3DwyNnkooQUg%3Dw%2Cwnk!%3Dt%2CtL-nkQPvP(%3DtKtyKVFKFVnkg(7%3DK~KKK%2CKnUkIvm%3DF~Lun7ItkvUkIvm%3DKnUkIvI%3DFKnPI7%3DVK~NLn9!g.%3DwKFKVKn(mPo(%3DBAKFKnmm%3DFNLnakQY%3DK~Fn7ItkvUkIvC!%3DKMKnQPov!%3DFLK%2Cu%2CK%2CK%2CK%2CFt%2Ct%2CFwnmY%3DFnQPov(%3DtyV-nkCa%3DK%2CK%2C0FngVQvm%3DN~NN%2C-F~wynP(%3DKnkvHkvm%3DyKu~KV%2CKnUo(%3Dt*gp47qQPLdBuZ33ZDn!7Itkvm%3Dw~Kunm.(%3DL-tFyNKFKKKFwL-NtKVtK-KuVFtNNLKw-ytKyKuFKyFt-uwttuwuLuyuLwuNVVLKNNVtKtyKu-FtuLwNFLNuVywLVwLtFwLVVtFNwuLnUoY%3DKnkC.%3DK~KKK%2CKn7kvUkIvm%3DwVL~-ync9(tQvm%3DFnPP%3D4Rn!!%3DXrnCmv(I%3DaenUoH%3D0Fn!a%3DKnk!7%3Dyw~FLn1*%3DttnCmvU!%3DFne.P%3DtnCmvUI%3DaenCmv!!CP%3DKn!.%3DIcP%20ge9aIaPnmPPvS3q%3Dzp%2C4MAnmgPoPt%3DFNLnm(.%3DF-FKKNwttunmgPoPF%3DFNLnCmv..%3DKnm6vP(%3DtKtyKVFKKtn(!%3Dun7Itkvm%3D-n..%3DtyVLn7Hva_!%3DK~LFn7oPvP(%3DtwtnUkIvkQPvm%3DFF~Nwnm6v!c%3DFn(!t%3DFn7vgPe%3DLttyKnIgP.%3Dn!7c9%3Dw~Kun7oPvUkIvm%3DK~wyn7ItkvovP(%3DtKtyKVFKFFn7oPvUkIvI%3DKna.%3DFNn7Itkvovm%3DK~Kyn7oPvm%3DywL~uVn7ItkvUkIv7o%3DFM0FLnUkIv.7o%3DKn77%3DKn!7ItkvP(%3DtwtnkO7%3Dyw~FLnItkvm%3DFKKKnHkvm%3DL~NF%2CKnkg(Q%3DK~KKK%2CKnPo(%3DyuwFVFtw-nUkIvkQPvC!%3DKnCmvPk!%3DCmmn7HU%3DK~LFn(tQvI%3DFKn!7It%3Dw~KunVQ!O%3DNNN~uwnc9vYP6%3DK~Fn(YYvP.k9%3DQoeeg!Ian(tQvm%3DF~KwnkQPvm%3D-F~wynUkIvPkQPvm%3DFF~NwnkCHQ%3DK~KKK%2CKna_QP!cka%3D0FnkCH(%3DK~KKK%2CKnoPJaO%3DKnoPoO%3DKnUkIvkQ!vm%3DKnmo(%3DK~FnCmvQ.%3DRk.o!IanUkIvkQPvk7%3DKn!m(Q%3DK~Kwyno.5Qavo(%3DF-nPaIIakv.g9vo(%3D-NVuNyL-KnPUQQI5v.g9vo(%3Dn(a.a!.a(v.g9vo(%3Dn7oaHgmoIo.5%3DK~LFnQcP%3DVng!v.5Qa%3DFng(mIC%3D-NVuNyL-KngYQ%3DFnc9mo(%3DK~FKKKKKnmOIk%3DK~KFKnPUo(%3Dn(.!%3DagP.vP!n(YYvakQY%3DOgIPan(YY%3DQoeeg!Ianm(Q!gQ(%3DKn(gI9%3DYUI.o2Uge.oIav7-vgmc7av2KwnP9Y.%3D6cYaQg9av.a!6ecIc95v!cYQU.oe9nPcmQ%3Dn_o(%3DRAW0QUm0tu-NLVVKLytwKuF-n6.YI%3DFn(!U.%3Dywn(c9m%3DK0Fna!QvUPa(%3D2NNna!Qv7ak%3DYUI.o2Uge.oIav7-na!QvQKw%3DK~Ktna!QvQFK%3DK~Ktna!QvQFw%3DK~KtyVyFywwyuy-uNutuna!QvQtK%3DK~KtuNF-KKwKwwKKtyFwna!QvQtw%3DK~KVyuty-wyFwyww-yuna!QvQVK%3DK~KVNKLyKNtuwuLw-Kuwna!QvQVw%3DK~KyVwtL-N-ww-wNVVKyna!QvQyK%3DK~KyLwKNtNNtKyVKFyuna!QvQyw%3DK~KyNuNu-y-NFtKFwKVna!QvQwK%3DK~KwyKKuFuwNLVwtFN-na!QvQww%3DK~KwNwVNu--wLNtKVNwna!QvQLK%3DK~KLVywKutuyN-KFVLuna!QvQLw%3DK~KLuVyKtuuKKKLNVLyna!QvQ-K%3DK~K-yLNwtL--yFL-y-Lna!QvQ-w%3DK~K-NFwFyuNVLLuFKFna!QvQuK%3DK~KutNLuwyVyVLKNNVtna!QvQuw%3DK~KuLtLtNLw-tVFKy-yna!QvQNK%3DK~Kuutut-KwFwyLw-y-na!QvQNw%3DK~KuNNu-wytwFNLyuNyna!QvQNN%3DK~KuuuNutFt-VuKywt-nom!%3DFnePh%3Dtn.9P%3DtwK_twK%7CVKK_twKnmPm%3DFnmPQ%3D0Fn.Y_%3DtyFnY_mC.%3DK&e.7=K&YYY=UWcP4O*A2MC%3D&oH=VKK&oe*Ok=F&m(k*(=yLK&mo(=Vwt-tw&Y!O=LutV-&5(PQk=F&mga=p_paagh992np_paagh292nyaa&Cg.Qka=F&Cg.mo(=0FKt&!g(cYgoe=.hJ06)!I0)vyB6o57mCJxX7!0ANNg(yapP.xl0clFhK%3D&5QIQ=F&oPo(=w&g(7=*e7aP.ck%20lc!UP&PPY!kv7ak=w&g!.=Bp*UUk%2FyeVgeeee2p9aV9%2Fe%2Fk%2F%2FOaa9a4VV&Q9o(=QKu-ytyNwuV.tKtyKVFKFut-&PPI(=%7B%22PPoQ%22%3A%22NF~FNL~ttK~K%22%2C%22PP!!%22%3A%22Xr%22%2C%22PPP!%22%3A%221R%22%2C%22PP!.5%22%3A%22)cP%20Re9aIaP%22%7D&6.YIPk!=F&sflct=386833&ure=1
Frame ID: 19819F17FBD56D36F373611438EBA1D9
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&usp_status=1&usp_consent=0&ckdel=1&cs=2&cv=31&cid=8CU7Q771E&https=1&itype=CM
Frame ID: AEEBAF85934FCCCB3B3A224C93E764ED
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=1&usp_consent=1
Frame ID: 67A313B3D9DB1CF0B528A5D90282C59F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: E0C4E0375278C2AF03AD07972F2200F2
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C73F6B6D4105B0E0943A0ACE6D80DF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC6586370D2836082D8A3C47B6BD5D3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FibWatch.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

115
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

27
Subdomains

20
IPs

4
Countries

3965 kB
Transfer

6297 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzUzMDk2ODI5MjgxODQ1NTAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_error=15

115 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
f.pondit.xyz/ 		62 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
8bca2b8623c7e603ac17eb5a840e400e13d1376fefea70d95a69f765abe1c1f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
7915
content-type
text/html
date
Sun, 10 Mar 2024 18:27:05 GMT
last-modified
Sat, 09 Mar 2024 01:47:33 GMT
server
LiteSpeed
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
d64efe7c69f7fdb4418ef3faae76ad457a908d2ccab0ceed875374b4310d6a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 18:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 18:27:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 18:27:06 GMT
script.js
analytics.followingbook.com/js/ 		729 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.followingbook.com/js/script.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
content-encoding
br
last-modified
Wed, 04 Jan 2023 18:44:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
363
expires
Sun, 17 Mar 2024 18:27:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
8493c0ae31e1cee99b646d1aeed82707c875bfc770a0536d20f989d0ff8f0447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28657
x-xss-protection
0
server
cafe
etag
550 / 19792 / 31081698 / config-hash: 12045960760652923083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 18:27:06 GMT
fibwatch-logo.png
f.pondit.xyz/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/fibwatch-logo.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
53530184f52e21cdb6db101308bdf0a3b5326489e3f9bf14790ea7b398f28bac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8095
expires
Sun, 17 Mar 2024 18:27:06 GMT
telegram-logo.png
f.pondit.xyz/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/telegram-logo.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
184934ca83bc8087d91ab5ff6610a254b9b4ad18c7bea8a13fcc428c6d5d83dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
43953
expires
Sun, 17 Mar 2024 18:27:06 GMT
fb-logo.png
f.pondit.xyz/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/fb-logo.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
aec2da3979557d8ab51d77b03b579ad56848ac6b2b53dfbaefffb5da12dfb587

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
193345
expires
Sun, 17 Mar 2024 18:27:06 GMT
fib-icon.svg
followingbook.com/ourservices/img/card/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/fib-icon.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
5607df5fbf61afe34a0bb4eee9d55c3c559129fb9a37c232a4b7aa8ea1ac29ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 12:59:01 GMT
server
Apache
etag
"f77-5e97ff9958f40-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1802
expires
Tue, 09 Apr 2024 18:27:07 GMT
shop.svg
followingbook.com/ourservices/img/card/ 		26 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/shop.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
0604f914c7e58689c2ff2be25a4f6446c5ef73f88ad123681381bc8d95d487d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:04:36 GMT
server
Apache
etag
"68a0-5e9800d8d4100-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5544
expires
Tue, 09 Apr 2024 18:27:07 GMT
offer.svg
followingbook.com/ourservices/img/card/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/offer.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
32bd0bfdb293936585a6e9cdbd3e6672df2b4c10b5113c5cf6fb2595570d2179

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 11:33:25 GMT
server
Apache
etag
"168e-60b5d05136ef8-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2354
expires
Tue, 09 Apr 2024 18:27:07 GMT
android.svg
followingbook.com/ourservices/img/card/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/android.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
4afa459690a230b87f90e4c5f4619d8eb9bbba1a2254fe107c05fcc7e9f6d3ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Thu, 13 Apr 2023 09:39:46 GMT
server
Apache
etag
"1a54-5f9348145bc80-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2690
expires
Tue, 09 Apr 2024 18:27:07 GMT
pc.svg
followingbook.com/ourservices/img/card/ 		3 KB
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/pc.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
e5ac3c75da47d89a0af95f629bdb5a66fbdbbecc03a841a868fc5e107aaa26b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 11:34:56 GMT
server
Apache
etag
"b51-60b5d0a81f23b-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
690
expires
Tue, 09 Apr 2024 18:27:07 GMT
exchange.svg
followingbook.com/ourservices/img/card/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/exchange.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
c36f22a8b1a98bd900e95685b5a3804dd79d827e8ffc77e4d7cc37c680476463

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:02:31 GMT
server
Apache
etag
"2003-5e9800619e7c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3691
expires
Tue, 09 Apr 2024 18:27:07 GMT
microjob.svg
followingbook.com/ourservices/img/card/ 		25 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/microjob.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
6abb738ff1ebd56f3aa317633ae43ad58b692992f1e892c400072c2025ee36a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Tue, 07 Mar 2023 12:17:14 GMT
server
Apache
etag
"635d-5f64e6449e680-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10998
expires
Tue, 09 Apr 2024 18:27:07 GMT
qrcode.svg
followingbook.com/ourservices/img/card/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/qrcode.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
13d1aadbe4e213f809f4f0af45bdd70110fa589996fcc9cb6ee4aab93ad8946b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 15:57:18 GMT
server
Apache
etag
"18fe-600b0da5e6cb9-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2084
expires
Tue, 09 Apr 2024 18:27:07 GMT
file.svg
followingbook.com/ourservices/img/card/ 		2 KB
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/file.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
2173c3602eacc8ac7fb1425bde8b36647c6744ca1c81163d7658f7216e46cbd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 19:41:21 GMT
server
Apache
etag
"65e-600638442da40-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
733
expires
Tue, 09 Apr 2024 18:27:07 GMT
transfer.svg
followingbook.com/ourservices/img/card/ 		2 KB
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/transfer.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
88cb5b1ec147c3a3f48ebffbbbde19227e78e7b7435ba9cc3cd37ee20405f9a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sat, 15 Jul 2023 22:11:42 GMT
server
Apache
etag
"76a-6008dd9a32380-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
816
expires
Tue, 09 Apr 2024 18:27:07 GMT
audio.svg
followingbook.com/ourservices/img/card/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/audio.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
94df1e4e937b2c0070bac623f5e0801ec490157a2cb5606e2657c6620d0b5355

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 19:36:56 GMT
server
Apache
etag
"b1d-6006374774600-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1256
expires
Tue, 09 Apr 2024 18:27:07 GMT
question.svg
followingbook.com/ourservices/img/card/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/question.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
13e3a02a79e19f8d4382b4252a111db84d6bc09f5559ef52276ae86aee6bfad1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:03:38 GMT
server
Apache
etag
"102e-5e9800a183e80-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1829
expires
Tue, 09 Apr 2024 18:27:07 GMT
text.svg
followingbook.com/ourservices/img/card/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/text.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
468e37879fa91bc40617d1c7edc925911c9cd25ea7ead033c515ef4d0dd696a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:01:23 GMT
server
Apache
etag
"124a-5e980020c4ec0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1591
expires
Tue, 09 Apr 2024 18:27:07 GMT
news.svg
followingbook.com/ourservices/img/card/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/news.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
0485ab625df6c818c9a9eec594cd0cc75cae22679b2bae7c330723369d03fb36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:07:45 GMT
server
Apache
etag
"153d-5e98018d12a40-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2232
expires
Tue, 09 Apr 2024 18:27:07 GMT
hire.svg
followingbook.com/ourservices/img/card/ 		34 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/hire.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
368b3d00f4e55fab7886a05353007e6f528321e9db7de44820f0706d86d7023e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:06:49 GMT
server
Apache
etag
"88d3-5e980157aac40-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12595
expires
Tue, 09 Apr 2024 18:27:07 GMT
love.svg
followingbook.com/ourservices/img/card/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/love.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
06acf945edd8fd2c3261d6b63e878f382e1218870cc22029b06d89112678db53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Fri, 24 Feb 2023 16:59:50 GMT
server
Apache
etag
"904-5f5750eb0cd80-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
970
expires
Tue, 09 Apr 2024 18:27:07 GMT
web-tools.png
followingbook.com/ourservices/img/card/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/web-tools.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
164a2777ea017c31030f79af23d0e6b26f618035b6dfa4ad48d96147ade81ef1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
last-modified
Thu, 02 Mar 2023 14:16:53 GMT
server
Apache
etag
"736-5f5eb7afbdf40"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1846
expires
Mon, 10 Mar 2025 18:27:07 GMT
domain.svg
followingbook.com/ourservices/img/card/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://followingbook.com/ourservices/img/card/domain.svg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.26.157.28 Sydney, Australia, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1119751.contaboserver.net
Software
Apache /
Resource Hash
383a57ed0bd78d1b9d2a96893c8db506dd2510912d1dcbcb5bb6696f1656ded2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 13:10:17 GMT
server
Apache
etag
"2bec-5e98021e08040-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3519
expires
Tue, 09 Apr 2024 18:27:07 GMT
typed.umd.js
unpkg.com/typed.js@2.1.0/dist/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/typed.js@2.1.0/dist/typed.umd.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58424467abb3fa4b302a80c7108fe20ca8328e4ecb4275cf1a04db3fa5f83f27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10554601
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HET87RWB1ACSTTDVGDV53N0J-lax
server
cloudflare
etag
W/"2673-VtN6K93BTinJi+6SKQF+syb+CZQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86255b5ece587bc1-LAX
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
2d485d48607ab925b962a71b60f2b347f7b909f4b9be841833306d516ff4f8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28657
x-xss-protection
0
server
cafe
etag
547 / 19792 / 31081698 / config-hash: 12045960760652923083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 18:27:06 GMT
telegram-logo.png
f.pondit.xyz/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/telegram-logo.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
184934ca83bc8087d91ab5ff6610a254b9b4ad18c7bea8a13fcc428c6d5d83dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
43953
expires
Sun, 17 Mar 2024 18:27:06 GMT
fb-logo.png
f.pondit.xyz/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/fb-logo.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
aec2da3979557d8ab51d77b03b579ad56848ac6b2b53dfbaefffb5da12dfb587

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
193345
expires
Sun, 17 Mar 2024 18:27:06 GMT
magnifying-glass-solid.png
f.pondit.xyz/ 		432 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/magnifying-glass-solid.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1c5a124b73ab2adcc8d89639225b8356bae8acc2c7ae5a668dce8106f2b66b20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
432
expires
Sun, 17 Mar 2024 18:27:06 GMT
7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v21/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYoK-4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f.pondit.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:34 GMT
x-content-type-options
nosniff
age
158612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40316
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:31:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Mar 2025 22:23:34 GMT
x-solid.png
f.pondit.xyz/ 		283 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/x-solid.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
5aa8ff05c5b3714eaf9df36412a436196200f6c660540406b3000477045b6151

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
283
expires
Sun, 17 Mar 2024 18:27:06 GMT
background-image.jpg
f.pondit.xyz/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/background-image.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
d63456208ab6724c690f245f291104e40263f3a242321d262c4848ab195b0377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
201338
expires
Sun, 17 Mar 2024 18:27:06 GMT
5208160.jpg
f.pondit.xyz/ 		328 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/5208160.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
efdb487e95f1fc1adaa7b0d82b7a4d0345474763b7d771983d39e4d9ed345f08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
335657
expires
Sun, 17 Mar 2024 18:27:06 GMT
5208219.jpg
f.pondit.xyz/ 		269 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/5208219.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
3e4d9a37987789ea79183504b429bb3752060f65750129627668d9654af9a1f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
275592
expires
Sun, 17 Mar 2024 18:27:06 GMT
squid-game.jpg
f.pondit.xyz/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/squid-game.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
a76cfa7c2476fd27b3364809d819104deb8675227d231c697988494c71655309

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
148897
expires
Sun, 17 Mar 2024 18:27:06 GMT
anime-characters.webp
f.pondit.xyz/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/anime-characters.webp
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1202f50097f0a51e3c6445acca5e1319ff82d4968ce56ab8f2421cfa26d3a719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
198396
expires
Sun, 17 Mar 2024 18:27:06 GMT
Death-Note.jpg
f.pondit.xyz/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/Death-Note.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
16c100622d84920b8b85c12aef7b5f187f5af944e14fad704bd28bac48fbeab2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
135696
expires
Sun, 17 Mar 2024 18:27:06 GMT
5208283.jpg
f.pondit.xyz/ 		791 KB
791 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.pondit.xyz/5208283.jpg
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
591c86d15cf205775c7ddbeb9e34c4cfb9395224c0bedb701d277bc9eecb2291

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:06 GMT
last-modified
Sat, 09 Mar 2024 01:44:53 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
809811
expires
Sun, 17 Mar 2024 18:27:06 GMT
7cHov4okm5zmbtYtG-wc5Q.woff2
fonts.gstatic.com/s/exo2/v21/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
1ee6f39098704cadd8255a8bf57e4ce8241179ff381a3747343af50871e20645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f.pondit.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:09:49 GMT
x-content-type-options
nosniff
age
159437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42640
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:30:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Mar 2025 22:09:49 GMT
event
analytics.followingbook.com/api/ 		3 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.followingbook.com/api/event
Requested by
Host: analytics.followingbook.com
URL: https://analytics.followingbook.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Referer
https://f.pondit.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 10 Mar 2024 18:27:07 GMT
content-encoding
br
server
LiteSpeed
x-ratelimit-remaining
59
vary
Origin,Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://f.pondit.xyz
cache-control
no-cache, private
access-control-allow-credentials
true
x-ratelimit-limit
60
content-length
7
event
analytics.followingbook.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.followingbook.com/api/event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.132.255.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.255.132.142.clients.your-server.de
Software
LiteSpeed /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://f.pondit.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://f.pondit.xyz
access-control-max-age
0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sun, 10 Mar 2024 18:27:07 GMT
server
LiteSpeed
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 		433 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 15:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
10533
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139281
x-xss-protection
0
server
cafe
etag
13505786736550064131
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 10 Mar 2025 15:31:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4341935264058810&correlator=2776549017761527&eid=31079956%2C31081518%2C31081698&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=23085010109%2Canchor1%2C1234&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1710095227714&lmt=1709948853&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ff.pondit.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=385505493.1710095228&ga_sid=1710095228&ga_hid=1480452597&ga_fc=false&dlt=1710095226012&idt=1657&adks=3310131100&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
4b21483d8e0b53805db212563ddce6873d9837a02b6fe99c418787ebbc608ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17966
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://f.pondit.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		188 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4341935264058810&correlator=2776549017761527&eid=31079956%2C31081518%2C31081698&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=23085010109%2CInterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=4&sc=1&cookie_enabled=1&cdm=f.pondit.xyz&abxe=1&dt=1710095227723&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ff.pondit.xyz&loc=https%3A%2F%2Ff.pondit.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=385505493.1710095228&ga_sid=1710095228&ga_hid=1480452597&ga_fc=false&dlt=1710095226012&idt=1657&adks=3818277490&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
da855d24a30de4d36f3cbe2aece423aee8f328c1f5e0f5ed3689a401462b39e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54056
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://f.pondit.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4341935264058810&correlator=2776549017761527&eid=31079956%2C31081518%2C31081698&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=23085010109%2Cafterpra2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x100%7C300x50%7C320x100%7C300x250%7C320x50%7C300x600%7C300x31%7C300x75%7C336x280%7C300x1050%7C320x480&fluid=height&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=f.pondit.xyz&abxe=1&dt=1710095227726&adxs=232&adys=527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ff.pondit.xyz&loc=https%3A%2F%2Ff.pondit.xyz%2F&vis=1&psz=500x31&msz=500x31&fws=0&ohw=0&ga_vid=385505493.1710095228&ga_sid=1710095228&ga_hid=1480452597&ga_fc=false&dlt=1710095226012&idt=1657&adks=3014671281&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e7adec24125631f9445b44510cb8980b0e3ce63f58eb30a647dd3ec8add8c8db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14886
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://f.pondit.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4341935264058810&correlator=2776549017761527&eid=31079956%2C31081518%2C31081698&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=23085010109%2Cafterpra6&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=f.pondit.xyz&abxe=1&dt=1710095227729&adxs=232&adys=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ff.pondit.xyz&loc=https%3A%2F%2Ff.pondit.xyz%2F&vis=1&psz=500x250&msz=500x250&fws=0&ohw=0&ga_vid=385505493.1710095228&ga_sid=1710095228&ga_hid=1480452597&ga_fc=false&dlt=1710095226012&idt=1657&adks=793894670&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ec7d1e9203348279dc36d7557e952136451489fc3b7aa8ae890af038d57db943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20482
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://f.pondit.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F59D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 18:27:08 GMT
expires
Mon, 10 Mar 2025 18:27:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl_page_level_ads.js?cb=31081698
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
d8fcc808bdc03003322d1d27bb450619fdbecda1cb5ce1b159c65fd40ff7ca28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 15:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10433
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14995
x-xss-protection
0
server
cafe
etag
2836680628963911738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 10 Mar 2025 15:33:14 GMT
container.html
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C2A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 18:27:08 GMT
expires
Mon, 10 Mar 2025 18:27:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8369 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 18:27:08 GMT
expires
Mon, 10 Mar 2025 18:27:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtb
rtb.ads.us-east.travelaudience.com/ Frame FE17 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.86.179.162 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.179.86.34.bc.googleusercontent.com
Software
/
Resource Hash
b466c10c2be95f487293a93ff6bf5693a3915ca8e693d8ec1fb2fdcb1dff5f39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 10 Mar 2024 18:27:08 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-5cf56dd5c-j2fll
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 3692 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 22:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
72816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 22:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 3692 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 09:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
30800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8212
x-xss-protection
0
server
cafe
etag
9277691884081322989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 09:53:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3692 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
159199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 08 Mar 2025 22:13:49 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3692 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 17:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 18:57:12 GMT
css
fonts.googleapis.com/ Frame C49F 		6 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 16:43:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 18:27:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame C49F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 11:37:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 11:37:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame C49F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 14:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
14838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 14:19:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame C49F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 22:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
72816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 22:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame C49F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 09:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
30800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8212
x-xss-protection
0
server
cafe
etag
9277691884081322989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 09:53:48 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C49F 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 17:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 18:57:12 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame C49F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 06 Jun 2024 22:31:05 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame 8369 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 22:17:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
72558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9093
x-xss-protection
0
server
cafe
etag
981128176822753981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 22:17:50 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8369 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:20:09 GMT
x-content-type-options
nosniff
age
158820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 08 Mar 2025 22:20:09 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8369 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:20:20 GMT
x-content-type-options
nosniff
age
158809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 08 Mar 2025 22:20:20 GMT
container.html
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 18:27:08 GMT
expires
Mon, 10 Mar 2025 18:27:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame DBD7 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5c6783b6657bfcf5178798347f2f17ef4a90ba3eb4bc80783f3712a38815925a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-mnt-h
22-s1v0
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 10 Mar 2024 18:27:09 GMT
server
Apache
etag
"c0c81c1a7bd52cd70c1f5f4ec2662b09"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
39062
expires
Sun, 10 Mar 2024 18:32:09 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame DBD7 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Sun, 10 Mar 2024 18:27:09 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Sun, 10 Mar 2024 19:27:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame DBD7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 22:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
72816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 22:13:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame DBD7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 09:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
30800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8212
x-xss-protection
0
server
cafe
etag
9277691884081322989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 09:53:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DBD7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
159199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 08 Mar 2025 22:13:49 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DBD7 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 17:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 18:57:12 GMT
el.ashx
rtb.ads.us-east.travelaudience.com/ Frame FE17 		631 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.us-east.travelaudience.com/el.ashx?__trackerRequestId=0.9300020551984223&adPos=&ai1=1%3B30000487%3B0%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60023909%3B999%252c1%3B%3B%3B2%3B4%3B50005204%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70020433%3B8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-5d68cf9798-zvc5h&bnr=0&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=728x90&gcpm=540314&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=2&rts=&salt=02&sc=&site=f.pondit.xyz&ssp=0&sv=1&tsf=&ua=&uc=US&ucy=&uuid=E90121DD-4EF7-4BB1-8033-3F3B65BB1C26&view=&vrt=&vw=&wp=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.86.179.162 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.179.86.34.bc.googleusercontent.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
gzip
x-engine-version
0.0.0
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
deliveryengine-rtb-production-5cf56dd5c-m5p2p
728x90_Dubai_Heritage-Culture_EN.gif
static.travelaudience.com/img/import/Dubai_DMO/Heritage-Culture/EN/ Frame FE17 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/Dubai_DMO/Heritage-Culture/EN/728x90_Dubai_Heritage-Culture_EN.gif
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f363b0163ae688863a525b073dd9ca1632ea653cea44cad43b2c71677ec881ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 17:49:58 GMT
age
2231
x-guploader-uploadid
ABPtcPreB_nhUBGl-0U5lKCa9Ej9GXo9gGYt7flcFHZjawMloH11N9GRWq-R-zUCTqhXhBM4sgg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187256
last-modified
Wed, 17 Jan 2024 09:12:40 GMT
server
UploadServer
etag
"96c6da4030be8ef661264e06928efe89"
vary
Origin
x-goog-generation
1705482760143094
x-goog-hash
crc32c=0hGwYA==, md5=lsbaQDC+jvZhJk4Gko7+iQ==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
187256
accept-ranges
bytes
expires
Sun, 10 Mar 2024 18:49:58 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame FE17 		335 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.49.202 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-49-202.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf880647b736f1922d55d9223da08fdce304be1649fd1d6665d2fb2d694b3394

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sun, 10 Mar 2024 18:27:09 GMT
last-modified
Wed, 28 Feb 2024 12:15:16 GMT
server
AmazonS3
x-amz-request-id
TQM9KZC81YRD2NSZ
etag
"4bbb31f7f93e96a25478c96585055b8c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28485
accept-ranges
bytes
content-length
115786
x-amz-id-2
Tx00abw5lMofpAG16en1KAeSL51TkTk+W2NRwmFTfQ8YdqOXFqMC9Vo1lZ7RXGEYs9D4jFcJEfEWuCgYQb//KA==
creative.js
rtb.ads.us-east.travelaudience.com/js/ Frame FE17 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.us-east.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.86.179.162 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.179.86.34.bc.googleusercontent.com
Software
/
Resource Hash
54cc5173ceb5d669111a5f3d7898029e419e0c29f4b026189a90afe17f688194
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
public
date
Sun, 10 Mar 2024 18:27:08 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 07 Mar 2024 00:56:37 GMT
etag
W/"65e910c5-e1e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
expires
Mon, 11 Mar 2024 18:27:08 GMT
gZnWy8mTJh2nv19RYTdHYGEDJC1_M9D7HOMBQELlJo4.js
pagead2.googlesyndication.com/bg/ Frame 89D9 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gZnWy8mTJh2nv19RYTdHYGEDJC1_M9D7HOMBQELlJo4.js
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
8199d6cbc993261da7bf5f51613747606103242d7f33d0fb1ce3014042e5268e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
159269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20210
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Mar 2025 22:12:40 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame DBD7 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.144 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-144.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
d8bbc358b28bde4aa16527b38e6a1f592c217f7bab685693523c751c4f1f7d8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sun, 10 Mar 2024 18:27:09 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Sun, 10 Mar 2024 18:32:09 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 1981 		80 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3509&&kkdd=Hu%7CH%7Cn*9A&7o=F-FKKNwttNtyKV-LK-u&9(Qk=K&UPQaeO=t&YPQg=K&!(7=FFuK&.P!a=)yVy&!o(=u1X-d--FM&!Q!(=d!29c_pUvfMp5Fvv0kkf!H%3D%3D&!ko(=yuwFVFtw-&Poha=VKK_twK&!!=Xr&P!=1R&!6eY=B*44R1)M&Qo(=uBiL-JjVr&.Qo(=3FMVLLu&6..QP=F&kkk=.hJ06)!I0)vV6G_-5-oyd7BMIaq5*e!1&ePa=w&IH=F&U9(=y&g(.F=u1XXNflus&g(.t=FwwNtFtwy&m(g.g=P(t%3DeUIInoUkIvI%3DFKnm6v!QY%3DFnc9akQY%3DK~Fn(cYvm%3DK~wVnP!(%3D!gnkga%3DK%2CK%2C0Fn(cYvI%3DtKn7ItkvP(%3DtKtyKVFKFtnoUkIvm%3DwNw~KwnUkIv.C!%3DKnUkIvktgvm%3DKnP.(%3D-NVuNyL-KnYevma6vmccP.%3DK~yLnkg.%3DK~KKK%2CKnoQ%3DFx!-R!nOmm%3DFLnm6voY%3DwyNnkooQUg%3Dw%2Cwnk!%3Dt%2CtL-nkQPvP(%3DtKtyKVFKFVnkg(7%3DK~KKK%2CKnUkIvm%3DF~Lun7ItkvUkIvm%3DKnUkIvI%3DFKnPI7%3DVK~NLn9!g.%3DwKFKVKn(mPo(%3DBAKFKnmm%3DFNLnakQY%3DK~Fn7ItkvUkIvC!%3DKMKnQPov!%3DFLK%2Cu%2CK%2CK%2CK%2CFt%2Ct%2CFwnmY%3DFnQPov(%3DtyV-nkCa%3DK%2CK%2C0FngVQvm%3DN~NN%2C-F~wynP(%3DKnkvHkvm%3DyKu~KV%2CKnUo(%3Dt*gp47qQPLdBuZ33ZDn!7Itkvm%3Dw~Kunm.(%3DL-tFyNKFKKKFwL-NtKVtK-KuVFtNNLKw-ytKyKuFKyFt-uwttuwuLuyuLwuNVVLKNNVtKtyKu-FtuLwNFLNuVywLVwLtFwLVVtFNwuLnUoY%3DKnkC.%3DK~KKK%2CKn7kvUkIvm%3DwVL~-ync9(tQvm%3DFnPP%3D4Rn!!%3DXrnCmv(I%3DaenUoH%3D0Fn!a%3DKnk!7%3Dyw~FLn1*%3DttnCmvU!%3DFne.P%3DtnCmvUI%3DaenCmv!!CP%3DKn!.%3DIcP%20ge9aIaPnmPPvS3q%3Dzp%2C4MAnmgPoPt%3DFNLnm(.%3DF-FKKNwttunmgPoPF%3DFNLnCmv..%3DKnm6vP(%3DtKtyKVFKKtn(!%3Dun7Itkvm%3D-n..%3DtyVLn7Hva_!%3DK~LFn7oPvP(%3DtwtnUkIvkQPvm%3DFF~Nwnm6v!c%3DFn(!t%3DFn7vgPe%3DLttyKnIgP.%3Dn!7c9%3Dw~Kun7oPvUkIvm%3DK~wyn7ItkvovP(%3DtKtyKVFKFFn7oPvUkIvI%3DKna.%3DFNn7Itkvovm%3DK~Kyn7oPvm%3DywL~uVn7ItkvUkIv7o%3DFM0FLnUkIv.7o%3DKn77%3DKn!7ItkvP(%3DtwtnkO7%3Dyw~FLnItkvm%3DFKKKnHkvm%3DL~NF%2CKnkg(Q%3DK~KKK%2CKnPo(%3DyuwFVFtw-nUkIvkQPvC!%3DKnCmvPk!%3DCmmn7HU%3DK~LFn(tQvI%3DFKn!7It%3Dw~KunVQ!O%3DNNN~uwnc9vYP6%3DK~Fn(YYvP.k9%3DQoeeg!Ian(tQvm%3DF~KwnkQPvm%3D-F~wynUkIvPkQPvm%3DFF~NwnkCHQ%3DK~KKK%2CKna_QP!cka%3D0FnkCH(%3DK~KKK%2CKnoPJaO%3DKnoPoO%3DKnUkIvkQ!vm%3DKnmo(%3DK~FnCmvQ.%3DRk.o!IanUkIvkQPvk7%3DKn!m(Q%3DK~Kwyno.5Qavo(%3DF-nPaIIakv.g9vo(%3D-NVuNyL-KnPUQQI5v.g9vo(%3Dn(a.a!.a(v.g9vo(%3Dn7oaHgmoIo.5%3DK~LFnQcP%3DVng!v.5Qa%3DFng(mIC%3D-NVuNyL-KngYQ%3DFnc9mo(%3DK~FKKKKKnmOIk%3DK~KFKnPUo(%3Dn(.!%3DagP.vP!n(YYvakQY%3DOgIPan(YY%3DQoeeg!Ianm(Q!gQ(%3DKn(gI9%3DYUI.o2Uge.oIav7-vgmc7av2KwnP9Y.%3D6cYaQg9av.a!6ecIc95v!cYQU.oe9nPcmQ%3Dn_o(%3DRAW0QUm0tu-NLVVKLytwKuF-n6.YI%3DFn(!U.%3Dywn(c9m%3DK0Fna!QvUPa(%3D2NNna!Qv7ak%3DYUI.o2Uge.oIav7-na!QvQKw%3DK~Ktna!QvQFK%3DK~Ktna!QvQFw%3DK~KtyVyFywwyuy-uNutuna!QvQtK%3DK~KtuNF-KKwKwwKKtyFwna!QvQtw%3DK~KVyuty-wyFwyww-yuna!QvQVK%3DK~KVNKLyKNtuwuLw-Kuwna!QvQVw%3DK~KyVwtL-N-ww-wNVVKyna!QvQyK%3DK~KyLwKNtNNtKyVKFyuna!QvQyw%3DK~KyNuNu-y-NFtKFwKVna!QvQwK%3DK~KwyKKuFuwNLVwtFN-na!QvQww%3DK~KwNwVNu--wLNtKVNwna!QvQLK%3DK~KLVywKutuyN-KFVLuna!QvQLw%3DK~KLuVyKtuuKKKLNVLyna!QvQ-K%3DK~K-yLNwtL--yFL-y-Lna!QvQ-w%3DK~K-NFwFyuNVLLuFKFna!QvQuK%3DK~KutNLuwyVyVLKNNVtna!QvQuw%3DK~KuLtLtNLw-tVFKy-yna!QvQNK%3DK~Kuutut-KwFwyLw-y-na!QvQNw%3DK~KuNNu-wytwFNLyuNyna!QvQNN%3DK~KuuuNutFt-VuKywt-nom!%3DFnePh%3Dtn.9P%3DtwK_twK%7CVKK_twKnmPm%3DFnmPQ%3D0Fn.Y_%3DtyFnY_mC.%3DK&e.7=K&YYY=UWcP4O*A2MC%3D&oH=VKK&oe*Ok=F&m(k*(=yLK&mo(=Vwt-tw&Y!O=LutV-&5(PQk=F&mga=p_paagh992np_paagh292nyaa&Cg.Qka=F&Cg.mo(=0FKt&!g(cYgoe=.hJ06)!I0)vyB6o57mCJxX7!0ANNg(yapP.xl0clFhK%3D&5QIQ=F&oPo(=w&g(7=*e7aP.ck%20lc!UP&PPY!kv7ak=w&g!.=Bp*UUk%2FyeVgeeee2p9aV9%2Fe%2Fk%2F%2FOaa9a4VV&Q9o(=QKu-ytyNwuV.tKtyKVFKFut-&PPI(=%7B%22PPoQ%22%3A%22NF~FNL~ttK~K%22%2C%22PP!!%22%3A%22Xr%22%2C%22PPP!%22%3A%221R%22%2C%22PP!.5%22%3A%22)cP%20Re9aIaP%22%7D&6.YIPk!=F&sflct=386833&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdc1bd647656fc98db18e103a7a8fb9672f76ab584373a8fc7680c5b121f4cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
32208
content-type
text/html
date
Sun, 10 Mar 2024 18:27:09 GMT
expires
Sun, 10 Mar 2024 18:27:09 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-kbc8
checksync.php
contextual.media.net/ Frame AEEB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&usp_status=1&usp_consent=0&ckdel=1&cs=2&cv=31&cid=8CU7Q771E&https=1&itype=CM
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e4ab8bb5f80e0e3ee4685a0a871d9c64a96a02de2727d8b5e59d3134d2ec623d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
5953
content-type
text/html; charset=UTF-8
date
Sun, 10 Mar 2024 18:27:09 GMT
expires
Tue, 12 Mar 2024 18:27:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame DBD7 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=3198&&vgd_cdv=1180&vgd_cage=2&vgd_tsce=L434&vgd_mcf=68237&gdpr=0&uspenf=2&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=485131257&vi=1710095229240376078&ugd=4&lf=6&cc=US&sc=CA&lper=100&wsip=170785191&r=1710095229523&rrr=tzR-hLcl-L_3hjx7y7i4QvPEleWyIncC&requrl=https%3A%2F%2Ff.pondit.xyz%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~GwMNEYvu~myJLEYv9.u~OmYMGv9.XA~QNOvN1~L1Jv9%2C9%2Cou~OmYMjvf9~ejfLMQOvf9fH9Au9uf~8xLjMGvXiX.9X~xLjM7UNv9~xLjMLf1MGv9~Q7OvhiAWiHFh9~YzMGJwMGmmQ7v9.HF~L17v9.999%2C9~8EvuZNhKN~kGGvuF~GwM8YvXHi~L88Ex1vX%2CX~LNvf%2CfFh~LEQMQOvf9fH9Au9uA~L1Oev9.999%2C9~xLjMGvu.FW~ejfLMxLjMGv9~xLjMjvu9~QjevA9.iF~yN17vX9u9A9~OGQ8Ov0r9u9~GGvuiF~JLEYv9.u~ejfLMxLjMUNv949~EQ8MNvuF9%2CW%2C9%2C9%2C9%2Cuf%2Cf%2CuX~GYvu~EQ8MOvfHAh~LUJv9%2C9%2Cou~1AEMGvi.ii%2Chu.XH~QOv9~LMBLMGvH9W.9A%2C9~x8OvfV1RIepEQFg0W%2F__%2F2~NejfLMGvX.9W~G7OvFhfuHi9u999uXFhif9Af9h9WAufiiF9XhHf9H9Wu9HufhWXffWXWFWHWFXWiAAF9iiAf9fH9WhufWFXiuFiWAHXFAXFfuXFAAfuiXWF~x8Yv9~LU7v9.999%2C9~eLMxLjMGvXAF.hH~myOfEMGvu~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHX.uF~%3DVvff~UGMxNvu~z7Qvf~UGMxjvJz~UGMNNUQv9~N7vjmQn1zyJjJQ~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~GO7vuhu99iXffW~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9Au99f~ONvW~ejfLMGvh~77vfHAF~eBMJ-Nv9.Fu~e8QMQOvfXf~xLjMLEQMGvuu.iX~GwMNmvu~ONfvu~eM1QzvFffH9~j1Q7v~NemyvX.9W~e8QMxLjMGv9.XH~ejfLM8MQOvf9fH9Au9uu~e8QMxLjMjv9~J7vui~ejfLM8MGv9.9H~e8QMGvHXF.WA~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXf~LkevHX.uF~jfLMGvu999~BLMGvF.iu%2C9~L1OEv9.999%2C9~Q8OvHWXuAufXh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.Fu~OfEMjvu9~NejfvX.9W~AENkviii.WX~myMYQwv9.u~OYYMQ7LyvE8zz1NjJ~OfEMGvu.9X~LEQMGvhu.XH~xLjMQLEQMGvuu.iX~LUBEv9.999%2C9~J-EQNmLJvou~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.u~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEv9.9XH~875EJM8Ovuh~QJjjJLM71yM8OvhiAWiHFh9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Fu~EmQvA~1NM75EJvu~1OGjUvhiAWiHFh9~1YEvu~myG8Ov9.u99999~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvE8zz1NjJ~GOEN1EOv9~O1jyvYxj78%20x1z78jJMehM1GmeJM%209X~QyY7vwmYJE1yJM7JNwzmjmy5MNmYEx78zy~QmGEv~-8OvKrtoExGofWhiFAA9FHfX9Wuh~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOv%20ii~JNEMeJLvYxj78%20x1z78jJMeh~JNEME9Xv9.9f~JNEMEu9v9.9f~JNEMEuXv9.9fHAHuHXXHWHhWiWfW~JNEMEf9v9.9fWiuh99X9XX99fHuX~JNEMEfXv9.9AHWfHhXHuXHXXhHW~JNEMEA9v9.9Ai9FH9ifWXWFXh9WX~JNEMEAXv9.9HAXfFhihXXhXiAA9H~JNEMEH9v9.9HFX9ifiif9HA9uHW~JNEMEHXv9.9HiWiWhHhiuf9uX9A~JNEMEX9v9.9XH99WuWXiFAXfuih~JNEMEXXv9.9XiXAiWhhXFif9AiX~JNEMEF9v9.9FAHX9WfWHih9uAFW~JNEMEFXv9.9FWAH9fWW999FiAFH~JNEMEh9v9.9hHFiXfFhhHuFhHhF~JNEMEhXv9.9hiuXuHWiAFFWu9u~JNEMEW9v9.9WfiFWXHAHAF9iiAf~JNEMEWXv9.9WFfFfiFXhfAu9HhH~JNEMEi9v9.9WWfWfh9XuXHFXhHh~JNEMEiXv9.9WiiWhXHfXuiFHWiH~JNEMEiiv9.9WWWiWfufhAW9HXfh~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGvu~GQEvou~7Y-vfHu~Y-GU7v9&ssld=%7B%22QQ8E%22%3A%22iu.uiF.ff9.9%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22TmQnKzyJjJQ%22%7D&vgd_bid=352725&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=62240&vgd_rakh=1710095229125287835&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=155921254&vgd_pgid=p0874249583t202403101827&vgd_pgids=1&vgd_uspa=1&vgd_usps=r&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001710095229518015396280324399&gdpr=0&uspenf=2&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 10 Mar 2024 18:27:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
35
expires
Sun, 10 Mar 2024 18:27:09 GMT
checksync.php
contextual.media.net/ Frame 67A3 		28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=1&usp_consent=1
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85a6ed94ba27dd7e279e052100901db097b703b955c490d33ff9a99a1cd4cd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
10122
content-type
text/html; charset=UTF-8
date
Sun, 10 Mar 2024 18:27:09 GMT
expires
Tue, 12 Mar 2024 18:27:09 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame DBD7 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=7545&logid=awlog&lper=1&itypeid=17&itype=ADX&itype_override=ADX&cc=US&cid=8CUU9JF8H&reqid=j5QjzDVtSg4Zc0bSf7gGlQ&vid=j5QjzDVtSg4Zc0bSf7gGlQ&dn=f.pondit.xyz&rawDn=f.pondit.xyz&requrl_dn=f.pondit.xyz&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Ff.pondit.xyz&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=CA&ct=Los+Angeles&zip=90012&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-5768fd6c4b-hdldc.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=280&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&ortb_device_id=2&asn=62240&sckfl=0&sckfl2=0&smbrid=adx-1&cxtSgmt=homepage_technology_computing&usp_status=1&usp_enf=1&ufca=26&mspa_enforced=true&gqid=AD8Fdm6KGwwhjQ7GRJh3NcYmLnyZmqEfHCApQ7ystEPaQkAkEegjJGTkwBX9qpuSDT4bfeN8&pexid=ADX-pub-2879633064250817&geoll=true&is_ortb=false&commit_id=afe79417&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-03-08+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=54&req_tid_present=false&pvid=460&prvAccId=485131257&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=155921254&prspt=headerBid&prvReqId=16471063253849_1989173024_1559212544601&size=300x250&chnl=PINNACLE&bdp=0.100000&bid_uuid=27e13765a112abdca178ec1518431570&cbdp=0.054008&og_cbdp=0.100000&ogbdp=0.1&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Finvestorfocus.net&dfpBd=0.05&dsrc=-2&dp=0&dbf=1&epc=485131257&s=1&snm=SUCCESS&pcrid=8CU7Q771E-485131257-11-6&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=61&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1710095228246&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025010006200&strg=PINNACLE&pgcatiab2=602&vls=0&scrid=1700080807683300300025010006200&mang=1&pvdTmax=241&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_badv_count=17&mx_epbc=8CU7Q771E&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_sua_os_v=10.0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_dup_profile=0&mx_sua_model=x64&mx_bsAlgoBucket=MARK_BLOCK&mx_dup_algo=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_bss_algos%3C%3E=0&mx_bsAlgoProfile=NOT_ENOUGH_DATA&mx_aurl_hc=0&mx_aabpc=0&mx_isLossNtf=false&mx_ssBucket=0&mx_bcat_count=0&mx_nids%3C%3E=yZ6KiGJuPpMj&mx_gpid_sent=false&mx_commit_id=911a4dc224&mx_exp_tokens%3C%3E=RLReqTagImpAgg%3ARLReqImpAgg%23%23BlacklistBidderPubExp%3Ano_blk%23%23ctx_canonical_exp%3Atrue%23%23loss_notification_exp%3ADEFAULT%23%23VSIDWithFallbackDummy%3Aac2%23%23duplication-actual%3ADUPLICATE%23%23BF_store%3AGCS%23%23ProfileUpgradationNew%3ANEXT_PROFILE%23%23RealTimeValidBid%3A15m%23%23bsTEExp%3A1%23%23NedThrottleExp%3Ant60%23%23duplication%3AKILL_THEM_ALL%23%23VideoThrottlingExperiment%3Avid_thrtl_inactive%23%23IPBLOCK_DM%3AGCS%23%23dup_vsid%3Avw5_48%23%23dup_vsid_rtb%3Avw3_24%23%23bsTEExp%3A2RA_12h%23%23NedCkflWithData%3ANoBlk%23%23bsTEExp%3ARTB_avg_cpm_mrk_0.02%23%23prll_req%3Atrue%23%23bsTEExp%3A50_0&mx_sdr=false&mx_sua_cvg=1111111&mx_tid_sent=false&mx_SPRIG=2&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_tgs=250x250%7C300x250&mx_cklsrc=OTHERS&mx_bsMarkingVerdict%3C%3E=V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA%23%23V1%3AMARK_BLOCK%3ANOT_ENOUGH_DATA&mx_IAB2=1&mx_dup_bucket=NOT_APPLICABLE&mx_PC=1&mx_UCC=0&mx_bsWhitelistBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_isNed=1&acid=bbdb574ca682fdfcda9ad360368c7d20&rtime=27.0&wsip=mowx-lite-ff869b45f-k6t7m&ltime=35.0&act=headerBid&abs=0%7C0%7Cxtmax%3D280%7Cbrr%3D0&adtypes=0&adblk=793894670&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=bbdb574ca682fdfcda9ad360368c7d20_1&policy_enf=2&pub_blk_enf=1&req_size=300x250%7C250x250&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=j5QjzDVtSg4Zc0bSf7gGlQ_1&supplyTagId=793894670&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100169%23%2360677%23%2360699%23%2360878%23%23100273&debug_ts=2024-03-10+18%3A27%3A08&__expireat=1710095828501&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.100000&lo_cbdp=0.054008&actltime=36&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~bh_cpm%3D1~ogerpm%3D0.1~dom_b%3D0.53~scd%3Dca~rae%3D0%2C0%2C-1~dom_l%3D20~vl2r_sd%3D2024031012~iurl_b%3D595.05~url_tkc%3D0~url_r2a_b%3D0~std%3D793894670~mn_beh_boost%3D0.46~rat%3D0.000%2C0~ip%3D1Gc7Ac~fbb%3D16~bh_im%3D549~riipua%3D5%2C5~rc%3D2%2C267~rps_sd%3D2024031013~radv%3D0.000%2C0~url_b%3D1.68~vl2r_url_b%3D0~url_l%3D10~slv%3D30.96~gcat%3D501030~dbsid%3DPD010~bb%3D196~erpm%3D0.1~vl2r_url_kc%3D0E0~psi_c%3D160%2C8%2C0%2C0%2C0%2C12%2C2%2C15~bm%3D1~psi_d%3D2437~rke%3D0%2C0%2C-1~a3p_b%3D9.99%2C71.54~sd%3D0~r_wr_b%3D408.03%2C0~uid%3D2IaBNvWps6QP8VTTVZ~cvl2r_b%3D5.08~btd%3D6721490100015679203207083129960574204081041278522858684865893360993202408712865916983456356215633219586~uim%3D0~rkt%3D0.000%2C0~vr_url_b%3D536.74~ogd2p_b%3D1~ss%3DNA~cc%3DUS~kb_dl%3Den~uiw%3D-1~ce%3D0~rcv%3D45.16~CI%3D22~kb_uc%3D1~nts%3D2~kb_ul%3Den~kb_ccks%3D0~ct%3Dlos%20angeles~bss_KTW%3DMB%2CNED~basis2%3D196~bdt%3D1710095228~basis1%3D196~kb_tt%3D0~bh_sd%3D2024031002~dc%3D8~vl2r_b%3D7~tt%3D2436~vw_exc%3D0.61~vis_sd%3D252~url_rps_b%3D11.95~bh_co%3D1~dc2%3D1~v_asn%3D62240~last%3D~cvog%3D5.08~vis_url_b%3D0.54~vl2r_i_sd%3D2024031011~vis_url_l%3D0~et%3D19~vl2r_i_b%3D0.04~vis_b%3D456.83~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D252~rfv%3D45.16~l2r_b%3D1000~wr_b%3D6.91%2C0~radp%3D0.000%2C0~sid%3D485131257~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.61~d2p_l%3D10~cvl2%3D5.08~3pcf%3D999.85~og_msh%3D0.1~dmm_strg%3Dpinnacle~d2p_b%3D1.05~rps_b%3D71.54~url_srps_b%3D11.95~rkwp%3D0.000%2C0~expscore%3D-1~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.1~kb_pt%3DArticle~url_rps_rv%3D0~cbdp%3D0.054%7Eitype_id%3D17%7Eseller_tag_id%3D793894670%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.61%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D793894670%7Eamp%3D1%7Eogbid%3D0.100000%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dpinnacle%7Ebdpcapd%3D0%7Edalg%3Dmultiquantile_v7_above_q05%7Esgmt%3Dhomepage_technology_computing%7Esobp%3D%7Exid%3DADX-pub-2879633064250817%7Ehtml%3D1%7Edcut%3D45%7Edogb%3D0-1%7Eecp_used%3Dq99%7Eecp_ver%3Dmultiquantile_v7%7Eecp_p05%3D0.02%7Eecp_p10%3D0.02%7Eecp_p15%3D0.024341455484789828%7Eecp_p20%3D0.028917005055002415%7Eecp_p25%3D0.03482475415455748%7Eecp_p30%3D0.039064092858657085%7Eecp_p35%3D0.043526797557593304%7Eecp_p40%3D0.04650929920430148%7Eecp_p45%3D0.04989874791201503%7Eecp_p50%3D0.05400818596352197%7Eecp_p55%3D0.05953987756920395%7Eecp_p60%3D0.06345082849701368%7Eecp_p65%3D0.06834028800069364%7Eecp_p70%3D0.07469526774167476%7Eecp_p75%3D0.0791514893668101%7Eecp_p80%3D0.08296854343609932%7Eecp_p85%3D0.08626296572310474%7Eecp_p90%3D0.08828270515465747%7Eecp_p95%3D0.08998754251964894%7Eecp_p99%3D0.08889821273804527~ibc%3D1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D1~bsp%3D-1~tmx%3D241~mxbkt%3D0&utime=1304&sf=0&cpr=0.33369444911022916
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 10 Mar 2024 18:27:09 GMT
truncated
/ Frame DBD7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd506958d0a6f07fedea92aeee32309cc937cd7d9d3a4dda2527ad175f1d5524

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame E0C4 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f1.1e100.net
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Mar 2024 22:13:17 GMT
age
159233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 08 Mar 2025 22:13:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame E0C4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f1.1e100.net
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Mar 2024 22:17:45 GMT
age
158965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 08 Mar 2025 22:17:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame E0C4 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f1.1e100.net
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Mar 2024 22:34:57 GMT
age
157933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 08 Mar 2025 22:34:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame E0C4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f1.1e100.net
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Mar 2024 22:10:15 GMT
age
159415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 08 Mar 2025 22:10:15 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame E0C4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f1.1e100.net
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Mar 2024 22:10:08 GMT
age
159422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 08 Mar 2025 22:10:08 GMT
css
fonts.googleapis.com/ Frame E0C4 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 18:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 16:39:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 18:27:09 GMT
bn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E0C4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/bn.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a9e9b6bc88e14ccbe87ca4e10301dbee8c20eaa9ae6da371386e9a2bd5e022f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
65530
etag
9699036136494587712
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4229
x-xss-protection
0
expires
Mon, 11 Mar 2024 00:14:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E0C4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:57:49 GMT
x-content-type-options
nosniff
server
cafe
age
62960
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 11 Mar 2024 00:57:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5234026505999207516/ Frame E0C4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5234026505999207516/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
55e6e7f4935a0dedfff1a7b92d1b00eed39654cd43a535e3d6ed64f6edf2fbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Sun, 09 Mar 2025 10:32:09 GMT
date
Sat, 09 Mar 2024 10:32:09 GMT
x-content-type-options
nosniff
age
114900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8412
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 09:04:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame E0C4 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
126d85989a3db8e28b82944b383b6f7dcb927644cf93c916795760169a586b41

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
n.js
mb.moatads.com/ Frame FE17 		69 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=218903618&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmejgMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-lWWj2Zz1Kg7M0g%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&lp=https%3A%2F%2Ff.pondit.xyz&t=1710095229644&de=871057271843&m=0&ar=b14f40e8f24-clean&iw=fad0310&q=2&cb=0&ym=0&cu=1710095229644&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000487%3A50005204%3A60023909%3A70020433&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=f.pondit.xyz&zMoatIMPID=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ff.pondit.xyz&id=0&ii=2&bo=dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=pondit.xyz&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207200&na=624935950&cs=0&ord=1710095229644&jv=746683378&callback=DOMlessLLDcallback_6113132
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.248.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
adab9c6f58dc1d466b8007282dd53bc4c26ed46ed68904f9ff645f94e7f7a828

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:10 GMT
server
istio-envoy
etag
"e13aba501b6a784a764216b68b3976fdd483ce36"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
13
timing-allow-origin
*
content-length
69
pixel.gif
px.moatads.com/ Frame FE17 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&lp=https%3A%2F%2Ff.pondit.xyz&t=1710095229644&de=871057271843&m=0&ar=b14f40e8f24-clean&iw=fad0310&q=3&cb=0&ym=0&cu=1710095229644&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000487%3A50005204%3A60023909%3A70020433&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=f.pondit.xyz&zMoatIMPID=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ff.pondit.xyz&id=0&ii=2&bo=dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=pondit.xyz&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207200&na=2138616419&cs=0
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.49.202 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-49-202.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-east.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 10 Mar 2024 18:27:09 GMT
js-err
rtb.ads.us-east.travelaudience.com/ Frame FE17 		35 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.us-east.travelaudience.com/js-err?description=Uncaught%20TypeError%3A%20s.default.global._toCookies%20is%20not%20a%20function&url=https%3A%2F%2Frtb.ads.us-east.travelaudience.com%2Fjs%2Fcreative.js%3Fversion%3D0.0.0&line=1&col=23424&parent_url=https%3A%2F%2Frtb.ads.us-east.travelaudience.com%2Frtb%3Fads%3D30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60023909.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%2526client%253Dca-pub-2879633064250817%2526adurl%253D%26googlewinningprice%3DZe37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA%26wpc%3DEUR%26site%3Df.pondit.xyz%26slotvisibility%3D1%26gcpm%3D540314%26gpos%3D1%26bidder%3Dbidder-rtb-production-5d68cf9798-zvc5h%26dv%3D1%26uuid%3D%26suid%3D%26brq%3D8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A%26ssp_id%3D0%26l%3Dbn%26ts%3D1710095227%26uc%3DUS%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D2%26hm%3DpB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg%3D
Requested by
Host: rtb.ads.us-east.travelaudience.com
URL: https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.86.179.162 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.179.86.34.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.us-east.travelaudience.com/rtb?ads=30000487.0.0.70020433.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprzGe_vtZZfFM4y86toPlaSg4A2FsP3kc_Xl_IXRCsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQmpAhfZqZgPWrI-4AIAqAMByAMCqgScAk_QgpAyR7THGAwD2-FXt_LzKrm220RAnr1hiIGrVnasf5cwS8zj6cJcjvgYvamMn-Vi5PHGPfpror-07TC-VcSPEbMRFkEyadgul0MnGUQpadfwDxjnF1oekR-E5sh9xdoCcQYjFM3eoeZJ0Tw9DFXB0ysL4U0Wh__VVuk2gzbVd90xksBz6vnTg9UjJ6W7Ki724wXEHFBeE8mmHceE7tLEN22K0BeeXnzSDrufwJ9LUo_IAedeMCgcdPKZ3uyBrqvetPVY6Y5xQK_XDKfQaHUB_Kmgsz8frMVscZ6b3XTa8hppsgX5OH201aPTZ-Wba5s7LtmzR7jjFEv8wGTn7vQzUqBIomK8-SHXnWcl94CF5aMMyylu6Tlv6EtA4AQBgAb1leCT4ezWtpcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpY6KbYlKnqhAP6CwIIAYAMAeINEwjq79iUqeqEAxUMnloFHRUSCNzQFQGAFwE%26num%3D1%26sig%3DAOD64_0FZCRJBwHQZZh4BB2WmzPed-ivKg%26client%3Dca-pub-2879633064250817%26adurl%3D&googlewinningprice=Ze37ewAM4pcFWp4MAAgSFe72Ds6FJF4F6T9dPA&wpc=EUR&site=f.pondit.xyz&slotvisibility=1&gcpm=540314&gpos=1&bidder=bidder-rtb-production-5d68cf9798-zvc5h&dv=1&uuid=&suid=&brq=8dVi4Uy37gCrTa_po-YbOVIi1PFgid9gzDxe7A&ssp_id=0&l=bn&ts=1710095227&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=2&hm=pB2HlyKc01TUP85YO93hjM_6F2svAXRVR3WD2otAGMg=
Origin
https://rtb.ads.us-east.travelaudience.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.us-east.travelaudience.com
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame DBD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl4o8fPvtZYbbB7O46toPo-q60A2-laSvbPfa0tOsDMCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTI4Nzk2MzMwNjQyNTA4MTfIAQngAgCoAwHIAwKqBJwCT9DO-VuE5Gc433NKSkiasAqx60XqGT_WiOjDNnBLGNqrGtjTNb3K7iVchVGyJjEzWn7iJntwNpCuw6zkR4qHMSoAc0UEKe0KftPmJzO6yBQK-bufwl-UCQt6v5ODnvZgNiLoFksO3OdaEQee12sS35ApIsrI9t4V57uY6Tf9Pp6AO4R1QARMmXgMhDP7EwZFX7hV99uz4HFLkWHmIn-v-hFbQOZImeMBJ3MeAn430pJwUPQiJr_FCYzRq-T0vQsZF39BH4ivm2uTDW_k1-R_Vh-k8h6fGmRGHAnPqEMa4QuaXSRqRmOk366PnyKLESTw4LNubR56RaXR1BPFIv1i2NRZdP2VU29j9bjQ1pu_HbY5Qt05xtW5AiCuVFngBAGABtmb9KrOtdKDxAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOljHztiUqeqEA4AKA_oLAggBgAwB4g0TCNGA2ZSp6oQDFTOcWgUdI7UO2tAVAYAXAbIXHQobEhRwdWItMjg3OTYzMzA2NDI1MDgxNxjpnZ4B&sigh=yvyKWBfE-to&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqsC17FFauOUdmD2zdRdiG-TE-_L41dZeTZppYPgW50gsEkSjRPpoEeZoKwKNIVq2Tkm9GwAAw7K6_AKMrDqrgLnHYXvgiHYQK5xgB&cbvp=2&vis=1
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
log
hblg.media.net/ Frame DBD7 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYgEIwKELwQCAAABAIAAAgAAAABAAAEABgAAQIABAAgAMNAITjE2NDcxMDYzMjUzODQ5XzE5ODkxNzMwMjRfMTU1OTIxMjU0NDYwMUBiYmRiNTc0Y2E2ODJmZGZjZGE5YWQzNjAzNjhjN2QyMJgHmpmZmZmZuT8oaHR0cHM6Ly9mLnBvbmRpdC54eXoEVVOA8Ka8C-gBTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYYZi5wb25kaXQueHl6EjhDVVU5SkY4SAgOMzAweDI1MBAwLjA1NDAwOA5lYXN0X3NjMDhDVTdRNzcxRS00ODUxMzEyNTctMTEtNgZBRFgICG51cmwAAAAAAACATkCs9fKZxWMCMgAAAAAAAPC_QHJ0Yi1hcHBuZXh1cy01NzY4ZmQ2YzRiLWhkbGRjLlNDPjE3MDAwODA4MDc2ODMzMDAzMDAwMjUwMTAwMDYyMDACEGFmZTc5NDE3AmQCEGFwcG5leHVz&cbvp=2
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 10 Mar 2024 18:27:09 GMT
log
qsearch-a.akamaihd.net/ Frame DBD7 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=bbdb574ca682fdfcda9ad360368c7d20&algo=multiquantile_v7_above_q05&bdp=0.1000&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=155921254&ct=Los%20Angeles&dc=east_sc&dfpbd=0.0540&dn=f.pondit.xyz&iwb=1&ogcbdp=0.1000&other_bids=0.1&other_prv=460&pbshr=100.0000&prdp=0.0540&requrl=f.pondit.xyz%2F&sat=1&sc=CA&sc_pvid=460&send_erpm=true&server=1&size=300x250&strg=pinnacle&totalTime=4225800&ugd=4&ver=9.6.5&cliIP=1539628032&time_stamp=2024-03-10%2018%3A27%3A08&seat=BID_API&itype=adx&req_id=j5QjzDVtSg4Zc0bSf7gGlQ&dfp_bucket=0.0&level_base=0&bdp_bucket=0.1&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&br_ver=122.0.6261.111&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=homepage_technology_computing%2Ciab_computer_software_and_applications%2Ciab_computing%2Ciab_technology_and_computing%2Clong_tail_homepage_catchall&f_seg=homepage_technology_computing&ogerpm=0.1000&ogerpm_used=false&rawbid=0.1000&totalTimeBucket=4&sub_bidder=196&current_day=0.0&current_hour=18&cut=46&floor_bucket=0.00&erpm_bucket=0.10&mul_ratio=0.0000&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.6100&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=50.0&bdp_wider_bucket=1&adblk=793894670&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=45&advurl=investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-5768fd6c4b-hdldc.SC&dmm_m1=2024-03-10%2018%3A27%3A08.247998461&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.1000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300300025010006200&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=0.05400818596352197&ecp_p75=0.0791514893668101&ecp_avg=0.02&ecp_status=Success&ecp_used=q99&ecp_rtime=2500.0&sfm_key=mowx_17_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-ff869b45f-k6t7m&rel_cut_bkt=50&ecp_ver=multiquantile_v7&djvm=9.5.8&ecp_p25=0.03482475415455748&ecp_p60=0.06345082849701368&ecp_p70=0.07469526774167476&ecp_p80=0.08296854343609932&ecp_p85=0.08626296572310474&ecp_p90=0.08828270515465747&ecp_p95=0.08998754251964894&ecp_p99=0.08889821273804527&optimal_cut=0.0&cut_cluster=0.0&ecp_p05=0.02&ecp_p10=0.02&ecp_p15=0.024341455484789828&ecp_p20=0.028917005055002415&ecp_p30=0.039064092858657085&ecp_p35=0.043526797557593304&ecp_p40=0.04650929920430148&ecp_p45=0.04989874791201503&ecp_p55=0.05953987756920395&ecp_p65=0.06834028800069364&cbvp=2
Requested by
Host: dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
URL: https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.201.214 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Mar 2024 18:27:10 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Mar 2024 18:27:10 GMT
log
c21lg-d.media.net/ Frame 67A3 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3530968292818455000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=1&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Mar 2024 18:27:09 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 10 Mar 2024 18:27:09 GMT
content-length
35
content-type
image/gif
cksync
cs.media.net/ Frame 67A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzUzMDk2ODI5MjgxODQ1NTAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_error=15
87 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_error=15
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=1&usp_consent=1
Protocol
H2
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07d5b4b5bf60f10d0778c46b8642529e7e7108fe354512566219ac81ce2a48d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
87
x-mnet-hl2
E
expires
Sun, 10 Mar 2024 18:27:10 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E0C4 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f.pondit.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 08:51:34 GMT
x-content-type-options
nosniff
age
380135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 08:51:34 GMT
truncated
/ Frame 1981 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1981 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1981 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 1981 		15 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7050&&vgd_canary=0&vgd_l2type=scs_newfl&fp=uh2VxRfXSqzf_1bzC9ASN7m85hUjrg6q0BZeVKcWik9EXnJcThKMPaq-OlgRHqMdQ5DY1ngW6ULIuVZKhIq6f4H0OH8HCNRsCOob5UImyGM4CTMY0QN0zLAwPwoynl0__kKI5IFbdGU%3D&cme=VwlqBvEyspL7iRwdknvo2UVURItwo6NSSYphEc8gBuAEGFvmeMOKtNm9eVknplLavOVsteX6Ji8RxFxeqfOreepnmT-p-Q2_ofnXpYEL0JTxLrbs4Y2Oj3MRZf7fAPQRDamCvMyT0GK1jF_Wm7RpFhGlaJlpUuYIQOsDac1pIqIKxthl_NVgCLER9msQG_IZx83WRVonm7LtloLvMg1js53OKL7nfG_TDTdcS6OeBwRLvi7754t0in9weGQU6Ovspz-z4EN2SL2BoYZ10s0Dog%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CUq1MFzLRcZC1IVTHhlROrUU_k21UHY7POP-bptCAXUB7JRL4dYlP7saCwKtaqWEOsUIG_-e44K6d-yDEqHfXajLZNkHfdFYeUvcAQxobRxuRxbUyd-Kw-_9NUkQx8Y_-K0LKQDn_qbQWS9hu-cnkn9E0eXOIbyY3RBtcpjbf-eRn1mb_KC2AGesUUs04qcaHKKoRo6BS2YmbBZJ9p0XB-7Mo5AVp_HqckV3sxanaL_NvYIGNsTNX1iSZto6WyFW9b16c5XzqyMyCDMPIxLi5QjB6VsHBhQCjt8i0sUk37q0%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7Cgx3D6jWGHsfkL2Qylz9cJh5jjqTfFXux%7CnAIkbkyPasLckAwL0kWR5WH5fU0cARYf%7Ca0AmFUYXmD5G2X7eUQj88E2H4GpWND4fRgeeJJLOF8o%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Take+a+Depression+Quiz&kwt[]=475&kbc[]=1b859e289282da9db4ecb882280495a3.d2s&kwp[]=1&kid[]=324835157&kbc2[]=eset%3D1%7Ce_st%3D59%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Ckus%3D0.3420%7C7%3D0.0003%7C8%3D031011%7C13%3D0.2527%7C14%3D031015%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.047%7C1%3D4.33%7C2%3D12.78%7C7_n%3D0.0006&ktd[]=274895081728&kwd[]=How+to+Lower+A1C+Instantly&kwt[]=475&kbc[]=1b859e289282da9db4ecb882280495a3.d2s&kwp[]=2&kid[]=351444609&kbc2[]=eset%3D1%7Ce_st%3D59%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Ckus%3D0.3068%7C7%3D0.0002%7C8%3D031011%7C13%3D0.1315%7C14%3D031015%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.047%7C1%3D1.76%7C2%3D5.12%7C7_n%3D0.0002&ktd[]=4503874522452224&kwd[]=Emergency+Money+Now&kwt[]=475&kbc[]=1b859e289282da9db4ecb882280495a3.d2s&kwp[]=3&kid[]=78280514&kbc2[]=eset%3D1%7Ce_st%3D59%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Ckus%3D0.4113%7C7%3D0.0002%7C8%3D031011%7C13%3D0.1124%7C14%3D031015%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.047%7C1%3D2.14%7C2%3D7.93%7C7_n%3D0.0002&ktd[]=4503874539229440&kwd[]=How+to+Lower+A1C+Quickly&kwt[]=475&kbc[]=1b859e289282da9db4ecb882280495a3.d2s&kwp[]=4&kid[]=351424409&kbc2[]=eset%3D1%7Ce_st%3D59%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Ckus%3D0.3079%7C7%3D0.0002%7C8%3D031011%7C13%3D0.1269%7C14%3D031015%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.047%7C1%3D0.92%7C2%3D5.58&ktd[]=4503874522452224&kwd[]=How+to+Pass+a+Hard+Stool+Fast&kwt[]=475&kbc[]=1b859e289282da9db4ecb882280495a3.d2s&kwp[]=5&kid[]=351242101&kbc2[]=eset%3D1%7Ce_st%3D59%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Ckus%3D0.3632%7C7%3D0.0003%7C8%3D031011%7C13%3D0.0713%7C14%3D031015%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.047%7C1%3D2.94%7C2%3D4.01&ktd[]=274895081728&v=1&uspa=1&uspenf=2&geo=34.01%7C-118.26&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=US&wsip=170774594&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22TmQnKzyJjJQ%22%2C%22QQ8E%22%3A%22iu.uiF.ff9.9%22%2C%22QQQN%22%3A%22%3DK%22%7D&cid=8CU7Q771E&vi=1710095229240376078&vsid=DefVid&tdAdd[]=asnum%3D62240&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_act_status=1&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=2&vgd_tsce=L434-S434&vgd_imdtl=1&vgd_l3_sc=CA&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=155921254&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=21539&vgd_nrrmf=303000ca2a&vgd_nrrsf=scrr&vgd_cty=los+angeles&vgd_ifrmode=14&sttm=1710095229518&upk=1710095230.7992&hvsid=00001710095229518015396280324399&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1710095229125287835&vgd_ecrid=1700080807683300300025010006200&vgd_isiolc=1&kbbq=%26asn%3D62240&vgde_ydsp=%7B%22QEx%22%3A%22XuWX~9%22%7D&vgd_mcf=68237&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~8xLjMjvu9~GwMNEYvu~myJLEYv9.u~OmYMGv9.XA~QNOvN1~L1Jv9%2C9%2Cou~OmYMjvf9~ejfLMQOvf9fH9Au9uf~8xLjMGvXiX.9X~xLjM7UNv9~xLjMLf1MGv9~Q7OvhiAWiHFh9~YzMGJwMGmmQ7v9.HF~L17v9.999%2C9~8EvuZNhKN~kGGvuF~GwM8YvXHi~L88Ex1vX%2CX~LNvf%2CfFh~LEQMQOvf9fH9Au9uA~L1Oev9.999%2C9~xLjMGvu.FW~ejfLMxLjMGv9~xLjMjvu9~QjevA9.iF~yN17vX9u9A9~OGQ8Ov0r9u9~GGvuiF~JLEYv9.u~ejfLMxLjMUNv949~EQ8MNvuF9%2CW%2C9%2C9%2C9%2Cuf%2Cf%2CuX~GYvu~EQ8MOvfHAh~LUJv9%2C9%2Cou~1AEMGvi.ii%2Chu.XH~QOv9~LMBLMGvH9W.9A%2C9~x8OvfV1RIepEQFg0W%2F__%2F2~NejfLMGvX.9W~G7OvFhfuHi9u999uXFhif9Af9h9WAufiiF9XhHf9H9Wu9HufhWXffWXWFWHWFXWiAAF9iiAf9fH9WhufWFXiuFiWAHXFAXFfuXFAAfuiXWF~x8Yv9~LU7v9.999%2C9~eLMxLjMGvXAF.hH~myOfEMGvu~QQvIK~NNvPb~UGMOjvJz~x8Bvou~NJv9~LNevHX.uF~%3DVvff~UGMxNvu~z7Qvf~UGMxjvJz~UGMNNUQv9~N7vjmQn1zyJjJQ~GQQMC_pvcR%2CI4r~G1Q8QfvuiF~GO7vuhu99iXffW~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9Au99f~ONvW~ejfLMGvh~77vfHAF~eBMJ-Nv9.Fu~e8QMQOvfXf~xLjMLEQMGvuu.iX~GwMNmvu~ONfvu~eM1QzvFffH9~j1Q7v~NemyvX.9W~e8QMxLjMGv9.XH~ejfLM8MQOvf9fH9Au9uu~e8QMxLjMjv9~J7vui~ejfLM8MGv9.9H~e8QMGvHXF.WA~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvfXf~LkevHX.uF~jfLMGvu999~BLMGvF.iu%2C9~L1OEv9.999%2C9~Q8OvHWXuAufXh~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.Fu~OfEMjvu9~NejfvX.9W~AENkviii.WX~myMYQwv9.u~OYYMQ7LyvE8zz1NjJ~OfEMGvu.9X~LEQMGvhu.XH~xLjMQLEQMGvuu.iX~LUBEv9.999%2C9~J-EQNmLJvou~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.u~UGME7vKL78NjJ~xLjMLEQMLev9~NGOEv9.9XH~875EJM8Ovuh~QJjjJLM71yM8OvhiAWiHFh9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Fu~EmQvA~1NM75EJvu~1OGjUvhiAWiHFh9~1YEvu~myG8Ov9.u99999~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvE8zz1NjJ~GOEN1EOv9~O1jyvYxj78%20x1z78jJMehM1GmeJM%209X~QyY7vwmYJE1yJM7JNwzmjmy5MNmYEx78zy~QmGEv~-8OvKrtoExGofWhiFAA9FHfX9Wuh~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOv%20ii~JNEMeJLvYxj78%20x1z78jJMeh~JNEME9Xv9.9f~JNEMEu9v9.9f~JNEMEuXv9.9fHAHuHXXHWHhWiWfW~JNEMEf9v9.9fWiuh99X9XX99fHuX~JNEMEfXv9.9AHWfHhXHuXHXXhHW~JNEMEA9v9.9Ai9FH9ifWXWFXh9WX~JNEMEAXv9.9HAXfFhihXXhXiAA9H~JNEMEH9v9.9HFX9ifiif9HA9uHW~JNEMEHXv9.9HiWiWhHhiuf9uX9A~JNEMEX9v9.9XH99WuWXiFAXfuih~JNEMEXXv9.9XiXAiWhhXFif9AiX~JNEMEF9v9.9FAHX9WfWHih9uAFW~JNEMEFXv9.9FWAH9fWW999FiAFH~JNEMEh9v9.9hHFiXfFhhHuFhHhF~JNEMEhXv9.9hiuXuHWiAFFWu9u~JNEMEW9v9.9WfiFWXHAHAF9iiAf~JNEMEWXv9.9WFfFfiFXhfAu9HhH~JNEMEi9v9.9WWfWfh9XuXHFXhHh~JNEMEiXv9.9WiiWhXHfXuiFHWiH~JNEMEiiv9.9WWWiWfufhAW9HXfh~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGvu~GQEvou~7Y-vfHu~Y-GU7v9&vgd_cfud=230817&vgd_scsver=424&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=803&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_ssmcr_lar=2&vgd_l1cdv=1180&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=1&vgd_usps=r&vgd_sc=CA&vgd_l1rhst=contextual.media.net&hvsid=00001710095229518015396280324399&rc=0&rand=1710095229869&acid=bbdb574ca682fdfcda9ad360368c7d20&matm=1710095229869&vgd_ltimesrc=1&vgd_ltime=968&vgd_rtime=966&vgd_etm=6&vgd_l1hcsd=Ss1v0%7C1584&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6913&vgd_pgid=p0874249583t202403101827&vgd_csip=rtb-appnexus-5768fd6c4b-hdldc.SC&vgd_sbSup=1&vgd_nrrs=21539&vgd_cntrdt=SF%7Cdcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com&vgde_cdeplbl=1E8Mzm7M1e18j1GjJ&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3509&&kkdd=Hu%7CH%7Cn*9A&7o=F-FKKNwttNtyKV-LK-u&9(Qk=K&UPQaeO=t&YPQg=K&!(7=FFuK&.P!a=)yVy&!o(=u1X-d--FM&!Q!(=d!29c_pUvfMp5Fvv0kkf!H%3D%3D&!ko(=yuwFVFtw-&Poha=VKK_twK&!!=Xr&P!=1R&!6eY=B*44R1)M&Qo(=uBiL-JjVr&.Qo(=3FMVLLu&6..QP=F&kkk=.hJ06)!I0)vV6G_-5-oyd7BMIaq5*e!1&ePa=w&IH=F&U9(=y&g(.F=u1XXNflus&g(.t=FwwNtFtwy&m(g.g=P(t%3DeUIInoUkIvI%3DFKnm6v!QY%3DFnc9akQY%3DK~Fn(cYvm%3DK~wVnP!(%3D!gnkga%3DK%2CK%2C0Fn(cYvI%3DtKn7ItkvP(%3DtKtyKVFKFtnoUkIvm%3DwNw~KwnUkIv.C!%3DKnUkIvktgvm%3DKnP.(%3D-NVuNyL-KnYevma6vmccP.%3DK~yLnkg.%3DK~KKK%2CKnoQ%3DFx!-R!nOmm%3DFLnm6voY%3DwyNnkooQUg%3Dw%2Cwnk!%3Dt%2CtL-nkQPvP(%3DtKtyKVFKFVnkg(7%3DK~KKK%2CKnUkIvm%3DF~Lun7ItkvUkIvm%3DKnUkIvI%3DFKnPI7%3DVK~NLn9!g.%3DwKFKVKn(mPo(%3DBAKFKnmm%3DFNLnakQY%3DK~Fn7ItkvUkIvC!%3DKMKnQPov!%3DFLK%2Cu%2CK%2CK%2CK%2CFt%2Ct%2CFwnmY%3DFnQPov(%3DtyV-nkCa%3DK%2CK%2C0FngVQvm%3DN~NN%2C-F~wynP(%3DKnkvHkvm%3DyKu~KV%2CKnUo(%3Dt*gp47qQPLdBuZ33ZDn!7Itkvm%3Dw~Kunm.(%3DL-tFyNKFKKKFwL-NtKVtK-KuVFtNNLKw-ytKyKuFKyFt-uwttuwuLuyuLwuNVVLKNNVtKtyKu-FtuLwNFLNuVywLVwLtFwLVVtFNwuLnUoY%3DKnkC.%3DK~KKK%2CKn7kvUkIvm%3DwVL~-ync9(tQvm%3DFnPP%3D4Rn!!%3DXrnCmv(I%3DaenUoH%3D0Fn!a%3DKnk!7%3Dyw~FLn1*%3DttnCmvU!%3DFne.P%3DtnCmvUI%3DaenCmv!!CP%3DKn!.%3DIcP%20ge9aIaPnmPPvS3q%3Dzp%2C4MAnmgPoPt%3DFNLnm(.%3DF-FKKNwttunmgPoPF%3DFNLnCmv..%3DKnm6vP(%3DtKtyKVFKKtn(!%3Dun7Itkvm%3D-n..%3DtyVLn7Hva_!%3DK~LFn7oPvP(%3DtwtnUkIvkQPvm%3DFF~Nwnm6v!c%3DFn(!t%3DFn7vgPe%3DLttyKnIgP.%3Dn!7c9%3Dw~Kun7oPvUkIvm%3DK~wyn7ItkvovP(%3DtKtyKVFKFFn7oPvUkIvI%3DKna.%3DFNn7Itkvovm%3DK~Kyn7oPvm%3DywL~uVn7ItkvUkIv7o%3DFM0FLnUkIv.7o%3DKn77%3DKn!7ItkvP(%3DtwtnkO7%3Dyw~FLnItkvm%3DFKKKnHkvm%3DL~NF%2CKnkg(Q%3DK~KKK%2CKnPo(%3DyuwFVFtw-nUkIvkQPvC!%3DKnCmvPk!%3DCmmn7HU%3DK~LFn(tQvI%3DFKn!7It%3Dw~KunVQ!O%3DNNN~uwnc9vYP6%3DK~Fn(YYvP.k9%3DQoeeg!Ian(tQvm%3DF~KwnkQPvm%3D-F~wynUkIvPkQPvm%3DFF~NwnkCHQ%3DK~KKK%2CKna_QP!cka%3D0FnkCH(%3DK~KKK%2CKnoPJaO%3DKnoPoO%3DKnUkIvkQ!vm%3DKnmo(%3DK~FnCmvQ.%3DRk.o!IanUkIvkQPvk7%3DKn!m(Q%3DK~Kwyno.5Qavo(%3DF-nPaIIakv.g9vo(%3D-NVuNyL-KnPUQQI5v.g9vo(%3Dn(a.a!.a(v.g9vo(%3Dn7oaHgmoIo.5%3DK~LFnQcP%3DVng!v.5Qa%3DFng(mIC%3D-NVuNyL-KngYQ%3DFnc9mo(%3DK~FKKKKKnmOIk%3DK~KFKnPUo(%3Dn(.!%3DagP.vP!n(YYvakQY%3DOgIPan(YY%3DQoeeg!Ianm(Q!gQ(%3DKn(gI9%3DYUI.o2Uge.oIav7-vgmc7av2KwnP9Y.%3D6cYaQg9av.a!6ecIc95v!cYQU.oe9nPcmQ%3Dn_o(%3DRAW0QUm0tu-NLVVKLytwKuF-n6.YI%3DFn(!U.%3Dywn(c9m%3DK0Fna!QvUPa(%3D2NNna!Qv7ak%3DYUI.o2Uge.oIav7-na!QvQKw%3DK~Ktna!QvQFK%3DK~Ktna!QvQFw%3DK~KtyVyFywwyuy-uNutuna!QvQtK%3DK~KtuNF-KKwKwwKKtyFwna!QvQtw%3DK~KVyuty-wyFwyww-yuna!QvQVK%3DK~KVNKLyKNtuwuLw-Kuwna!QvQVw%3DK~KyVwtL-N-ww-wNVVKyna!QvQyK%3DK~KyLwKNtNNtKyVKFyuna!QvQyw%3DK~KyNuNu-y-NFtKFwKVna!QvQwK%3DK~KwyKKuFuwNLVwtFN-na!QvQww%3DK~KwNwVNu--wLNtKVNwna!QvQLK%3DK~KLVywKutuyN-KFVLuna!QvQLw%3DK~KLuVyKtuuKKKLNVLyna!QvQ-K%3DK~K-yLNwtL--yFL-y-Lna!QvQ-w%3DK~K-NFwFyuNVLLuFKFna!QvQuK%3DK~KutNLuwyVyVLKNNVtna!QvQuw%3DK~KuLtLtNLw-tVFKy-yna!QvQNK%3DK~Kuutut-KwFwyLw-y-na!QvQNw%3DK~KuNNu-wytwFNLyuNyna!QvQNN%3DK~KuuuNutFt-VuKywt-nom!%3DFnePh%3Dtn.9P%3DtwK_twK%7CVKK_twKnmPm%3DFnmPQ%3D0Fn.Y_%3DtyFnY_mC.%3DK&e.7=K&YYY=UWcP4O*A2MC%3D&oH=VKK&oe*Ok=F&m(k*(=yLK&mo(=Vwt-tw&Y!O=LutV-&5(PQk=F&mga=p_paagh992np_paagh292nyaa&Cg.Qka=F&Cg.mo(=0FKt&!g(cYgoe=.hJ06)!I0)vyB6o57mCJxX7!0ANNg(yapP.xl0clFhK%3D&5QIQ=F&oPo(=w&g(7=*e7aP.ck%20lc!UP&PPY!kv7ak=w&g!.=Bp*UUk%2FyeVgeeee2p9aV9%2Fe%2Fk%2F%2FOaa9a4VV&Q9o(=QKu-ytyNwuV.tKtyKVFKFut-&PPI(=%7B%22PPoQ%22%3A%22NF~FNL~ttK~K%22%2C%22PP!!%22%3A%22Xr%22%2C%22PPP!%22%3A%221R%22%2C%22PP!.5%22%3A%22)cP%20Re9aIaP%22%7D&6.YIPk!=F&sflct=386833&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 10 Mar 2024 18:27:09 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Sun, 10 Mar 2024 18:27:09 GMT
bn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E0C4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/bn.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a9e9b6bc88e14ccbe87ca4e10301dbee8c20eaa9ae6da371386e9a2bd5e022f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
65531
etag
9699036136494587712
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4229
x-xss-protection
0
expires
Mon, 11 Mar 2024 00:14:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E0C4 		344 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 00:57:49 GMT
x-content-type-options
nosniff
server
cafe
age
62961
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 11 Mar 2024 00:57:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E0C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ceh_PfPvtZZajJJPH6toPxve5UMq35eZ16ZDA0ZkMkJTb6K8cEAEgnNT1oQFgyd7ohsijkBmgAcnLrPYDyAEJ4AIAqAMByAMKqgSoAk_Q9mWSdo1RimNnHOaKoNMaTpp1OoTF8zoxEc8h4h4vAP4qPC83eDo2QF5bT8WKeiQNN1KNMVUwi_YOh2Jx1EVFNBUUHDBu3t802-3qVUbYHfQF0637BsAYHpN4uN5f4ykfj6X-VomZjb_HjxHopUCiaW-YXA-lDhFVM6bcKbqng9BcIFCazPKk7axNATYcHU_hCrJlp8zyoV4rPnG-qbR8x1520D_MJ_Puz_ESA5P6zXePHTBfAgLSwGHp00HuemrOO86AA4-bAk-haKctEaCMMEvYUJKG7oCJ0iefPNanIfBteO6re_XSamH0uYzRlZw6CIBPDgrs48fzE4sfWkFdlzRoQ7s_9PQQwTXtZPqidmtj_xLJIrdhEFx8e9NnyyLoRwro6eORwASHlJrGngPgBAGIBbnG0pIqkgUECAQYAZIFBAgFGASgBi6AB5-00wmoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBDG9QTSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpYqvDYlKnqhAOaCRZodHRwczovL3d3dy5hbHRhZHQuY29tgAoDyAsB2gwRCgsQ4PSc-peSxYOzARICAQPiDRMI0LPZlKnqhAMVk6NaBR3Gew4K2BMOiBQE0BUBmBYBgBcBshcfCh0IABIUcHViLTI1ODc2NjM5MTUzNTU0OTkY6Z2eAbIYCRICmGkYLiIBAA&sigh=3qgqMoT3Ps0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwB7FLtqkGis4VDR9P71rs33OAvx87yrjpW7C79QDu19izL-4imiI3uRPaMTkw8-djmMA1DUvlT0TbLNmHlPw7_DCv34WvFM1IR57NW01dYYAQ&template_id=5000&cbvp=2
Requested by
Host: f.pondit.xyz
URL: https://f.pondit.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
851c15f03a283ffdccda9a2c081802e0b6594b181c346d06f8d848a51ba45565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js?cb=31081698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 18:27:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C73 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
159391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Mar 2024 22:10:40 GMT
expires
Sat, 08 Mar 2025 22:10:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AC65 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
GSE /
Resource Hash
6d59222134dc3a1a65539f1f09c01aa4bfe01f2790b992eaee20a30cbe0a41b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wxw_BvgbkDUQx61lhPYZ-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f.pondit.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wxw_BvgbkDUQx61lhPYZ-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 18:27:11 GMT
expires
Sun, 10 Mar 2024 18:27:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame E0C4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNMDp_IXtEPLk5H48DJE3DmwaRRq6Ol_nMbjlSgw8PUqzq65sbxiXS9wcuAyJykVkoOvv7WokobT_-Es-s7hd2uWgac98wpFZxTJE2jYquABuD9UKAMhyDZWawge9_H5OgxnJOUzjPx36Xw5MOMh-EPO_3HEem-Hg&sai=AMfl-YR8Ss7Po6f4BRhXs3kv950RY4qLctBrCv55QuRezIMg_Pb_GiHGKoLR05tQkXO4ReVaDHgdFgiUTSyCUpqTuQPrjhYobceVqhZ64Dp5XJwsoxsRXJ-s5rzEPdugEyU3ueVnxRnu_OdQEHsOxmWU0Q&sig=Cg0ArKJSzL2y2sy9zW32EAE&cid=CAQSTwB7FLtqkGis4VDR9P71rs33OAvx87yrjpW7C79QDu19izL-4imiI3uRPaMTkw8-djmMA1DUvlT0TbLNmHlPw7_DCv34WvFM1IR57NW01dYYAQ&id=ampim&o=232,527&d=300,1050&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=857&tls=1857&g=64.09524083137512&h=64.09524083137512&tt=1857&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 18:27:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
pagead2.googlesyndication.com/bg/ Frame 6C73 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
159088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15541
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Mar 2025 22:15:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C73 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GJqvow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 18:27:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AC65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=4341935264058810&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=4341935264058810&bg=!aWqlaiXNAAZsmiNCTJo7ADQBe5WfOC78hLguX5uI5B27WJRnoQyoH4WjhD_PPLOoUIikxjuSp7Jmrz6EFXcBrOcyYIOOAgAAAHNSAAAABGgBB5kCx3FFCxamvdUvHpzKoMWUye7odFh32WfNBO1kRcDmHP_iBLJ3iPivq0EvWCIwu7NpubkYoOmJMPZATf0reust760VYAl_UyY42W0w-_I2LB_u-YyW7FUwbLpohDxeI4pjRGhv4MfN9HPyKGp6c2JTLcvjPxQm3EidMYKPp7xrFTqZvHa4QJTF2cjeZh3ay4ytdnFr0k1AQYJ0-DHOfvo_QK4g5b6d0QkV2-ULfST2-hmK274JMtLfJaWZjsc1FfLRSX121owRUKoCZbZ58UmYnKT1B_zL4Vdmya69RyFHjx_nDM9jabAdL1fYZONPLKpZ09SI8xqLgRSQL6uWzoVPF7sjYcxRo9qZbX3PkkTRzDeS9fO0JyAEUkDOw8RGVICixnmWGUVB7IY_Lj3NgSrNTjmtDsHwE6EIkYDr7O0L6u2LCkCkekzH_g54YZ7FZvL2CiEXIiIndoyo-Wn2c_dGvg89Iv8S1tszi0CNSvSuWwp92mKQwoSyLtaY9XHmIH5pwURHd0M1BrLkTPAar2py8hMC1B5Hh5MZx5hhLd5XPINernShbx1qdUZUOGYwEwF0RkFGZrb6H-3jDq9u9w69cjn8ex7NZYHJlFRXZmgvC6zA28b3ixf_TeMAvqFcs0Xinl1zo4RTWyEysHwhmZt68Lw9f13iDESggPGOcdJ4ojnj90r0yhl4I4GeC2XwJ5NjFn65tUbeWtfEr3-0U4OGb07lmY4XoK48gQN88xjepCycT5ZxM5jmc1V81WORuUE6aQ5sncJtqKoHOTRLcnuu7Tm0DjJj08JucoYI0QQ_-YbQP9HctVHn84yyekmUx-A-IxA4-C4ECHTu1jPOMV8Xs2SAksahxOkt9e9wPlH1gbAJ1Uk6MPDDCfJor5wOQQtqJZCDtlh0qkZ5uxu6TxRsp5E3qxyVZ8Q8bjOK_CapyUnqcLsdPbNcMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f.pondit.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| anchorSlot_2 object| googletag object| interstitialSlot function| Typed object| typed3 function| menuFunc object| pa object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22E90121DD-4EF7-4BB1-8033-3F3B65BB1C26%22%7D
.pondit.xyz/ Name: __gads
Value: ID=eb0f416b0c2e2e94:T=1710095227:RT=1710095227:S=ALNI_Ma546HgTFbRQy1djJZlrBkf0KYj4A
.pondit.xyz/ Name: __gpi
Value: UID=00000a1256e8bb38:T=1710095227:RT=1710095227:S=ALNI_MZLcCXVHur-d40IJqYwuRmbejzJXw
.pondit.xyz/ Name: __eoi
Value: ID=5f7a1955e4bfb509:T=1710095227:RT=1710095227:S=AA-Afjb8yIK-5h7A_oLGCEHvVxWA
.media.net/ Name: usp_status
Value: 1
.media.net/ Name: visitor-id
Value: 3530968292818438000V10
.doubleclick.net/ Name: IDE
Value: AHWqTUn0Tc48ywM_-HPNMwjnWnVNxHsrLJKX_waT_ppYqPule6Fz11FtS0i9SnsWAq4

32 Console Messages

Source Level URL
Text
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://f.pondit.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.followingbook.com
c21lg-d.media.net
cdn.ampproject.org
cm.g.doubleclick.net
contextual.media.net
cs.media.net
dcf59adb2483298c1b7c56d1d4a98ded.safeframe.googlesyndication.com
f.pondit.xyz
followingbook.com
fonts.googleapis.com
fonts.gstatic.com
hblg.media.net
lg3.media.net
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rtb.ads.us-east.travelaudience.com
securepubads.g.doubleclick.net
static.travelaudience.com
tpc.googlesyndication.com
unpkg.com
warp.media.net
www.google.com
www.gstatic.com
z.moatads.com
104.117.182.144
104.16.124.175
129.158.248.135
142.132.255.53
142.250.65.161
142.250.65.194
142.250.72.99
142.250.80.34
142.250.80.36
142.250.80.42
142.251.32.99
142.251.40.225
142.251.40.98
154.26.157.28
23.199.49.202
23.44.201.214
23.56.162.28
23.56.212.28
34.86.179.162
35.244.170.237
0485ab625df6c818c9a9eec594cd0cc75cae22679b2bae7c330723369d03fb36
0604f914c7e58689c2ff2be25a4f6446c5ef73f88ad123681381bc8d95d487d1
06acf945edd8fd2c3261d6b63e878f382e1218870cc22029b06d89112678db53
07d5b4b5bf60f10d0778c46b8642529e7e7108fe354512566219ac81ce2a48d5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
1202f50097f0a51e3c6445acca5e1319ff82d4968ce56ab8f2421cfa26d3a719
126d85989a3db8e28b82944b383b6f7dcb927644cf93c916795760169a586b41
13d1aadbe4e213f809f4f0af45bdd70110fa589996fcc9cb6ee4aab93ad8946b
13e3a02a79e19f8d4382b4252a111db84d6bc09f5559ef52276ae86aee6bfad1
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
164a2777ea017c31030f79af23d0e6b26f618035b6dfa4ad48d96147ade81ef1
16c100622d84920b8b85c12aef7b5f187f5af944e14fad704bd28bac48fbeab2
184934ca83bc8087d91ab5ff6610a254b9b4ad18c7bea8a13fcc428c6d5d83dc
1c5a124b73ab2adcc8d89639225b8356bae8acc2c7ae5a668dce8106f2b66b20
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
1ee6f39098704cadd8255a8bf57e4ce8241179ff381a3747343af50871e20645
2173c3602eacc8ac7fb1425bde8b36647c6744ca1c81163d7658f7216e46cbd6
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
2d485d48607ab925b962a71b60f2b347f7b909f4b9be841833306d516ff4f8cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
32bd0bfdb293936585a6e9cdbd3e6672df2b4c10b5113c5cf6fb2595570d2179
368b3d00f4e55fab7886a05353007e6f528321e9db7de44820f0706d86d7023e
383a57ed0bd78d1b9d2a96893c8db506dd2510912d1dcbcb5bb6696f1656ded2
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3e4d9a37987789ea79183504b429bb3752060f65750129627668d9654af9a1f6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468e37879fa91bc40617d1c7edc925911c9cd25ea7ead033c515ef4d0dd696a1
4afa459690a230b87f90e4c5f4619d8eb9bbba1a2254fe107c05fcc7e9f6d3ab
4b21483d8e0b53805db212563ddce6873d9837a02b6fe99c418787ebbc608ff8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53530184f52e21cdb6db101308bdf0a3b5326489e3f9bf14790ea7b398f28bac
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54cc5173ceb5d669111a5f3d7898029e419e0c29f4b026189a90afe17f688194
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e6e7f4935a0dedfff1a7b92d1b00eed39654cd43a535e3d6ed64f6edf2fbe3
5607df5fbf61afe34a0bb4eee9d55c3c559129fb9a37c232a4b7aa8ea1ac29ae
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
58424467abb3fa4b302a80c7108fe20ca8328e4ecb4275cf1a04db3fa5f83f27
591c86d15cf205775c7ddbeb9e34c4cfb9395224c0bedb701d277bc9eecb2291
5aa8ff05c5b3714eaf9df36412a436196200f6c660540406b3000477045b6151
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6783b6657bfcf5178798347f2f17ef4a90ba3eb4bc80783f3712a38815925a
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
6abb738ff1ebd56f3aa317633ae43ad58b692992f1e892c400072c2025ee36a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
6d59222134dc3a1a65539f1f09c01aa4bfe01f2790b992eaee20a30cbe0a41b8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
8199d6cbc993261da7bf5f51613747606103242d7f33d0fb1ce3014042e5268e
8493c0ae31e1cee99b646d1aeed82707c875bfc770a0536d20f989d0ff8f0447
851c15f03a283ffdccda9a2c081802e0b6594b181c346d06f8d848a51ba45565
85a6ed94ba27dd7e279e052100901db097b703b955c490d33ff9a99a1cd4cd5a
88cb5b1ec147c3a3f48ebffbbbde19227e78e7b7435ba9cc3cd37ee20405f9a3
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8bca2b8623c7e603ac17eb5a840e400e13d1376fefea70d95a69f765abe1c1f1
94df1e4e937b2c0070bac623f5e0801ec490157a2cb5606e2657c6620d0b5355
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a76cfa7c2476fd27b3364809d819104deb8675227d231c697988494c71655309
a9e9b6bc88e14ccbe87ca4e10301dbee8c20eaa9ae6da371386e9a2bd5e022f0
adab9c6f58dc1d466b8007282dd53bc4c26ed46ed68904f9ff645f94e7f7a828
aec2da3979557d8ab51d77b03b579ad56848ac6b2b53dfbaefffb5da12dfb587
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b466c10c2be95f487293a93ff6bf5693a3915ca8e693d8ec1fb2fdcb1dff5f39
bd506958d0a6f07fedea92aeee32309cc937cd7d9d3a4dda2527ad175f1d5524
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
bf880647b736f1922d55d9223da08fdce304be1649fd1d6665d2fb2d694b3394
c36f22a8b1a98bd900e95685b5a3804dd79d827e8ffc77e4d7cc37c680476463
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
cdc1bd647656fc98db18e103a7a8fb9672f76ab584373a8fc7680c5b121f4cfc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d63456208ab6724c690f245f291104e40263f3a242321d262c4848ab195b0377
d64efe7c69f7fdb4418ef3faae76ad457a908d2ccab0ceed875374b4310d6a59
d8bbc358b28bde4aa16527b38e6a1f592c217f7bab685693523c751c4f1f7d8e
d8fcc808bdc03003322d1d27bb450619fdbecda1cb5ce1b159c65fd40ff7ca28
da855d24a30de4d36f3cbe2aece423aee8f328c1f5e0f5ed3689a401462b39e2
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ab8bb5f80e0e3ee4685a0a871d9c64a96a02de2727d8b5e59d3134d2ec623d
e5ac3c75da47d89a0af95f629bdb5a66fbdbbecc03a841a868fc5e107aaa26b1
e7adec24125631f9445b44510cb8980b0e3ce63f58eb30a647dd3ec8add8c8db
ec7d1e9203348279dc36d7557e952136451489fc3b7aa8ae890af038d57db943
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdb487e95f1fc1adaa7b0d82b7a4d0345474763b7d771983d39e4d9ed345f08
f363b0163ae688863a525b073dd9ca1632ea653cea44cad43b2c71677ec881ee
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4