urlscan.io logo urlscan.io
SecurityTrails logo

j-p-g.net Open in urlscan Pro
91.211.88.52  Public Scan

Go To Rescan Add Verdict Report
URL: http://j-p-g.net/
Submission: On August 23 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 15 domains to perform 53 HTTP transactions. The main IP is 91.211.88.52, located in Dnipro, Ukraine and belongs to HOSTFORY, UA. The main domain is j-p-g.net.
This is the only time j-p-g.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    91.211.88.52 (Dnipro, Ukraine)

ASN206638 (HOSTFORY, UA)
j-p-g.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
5    139.162.151.130 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru
media.reformal.ru
tab.reformal.ru
log.reformal.ru
reformal.ru
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
9 j-p-g.net j-p-g.net
7 pagead2.googlesyndication.com j-p-g.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects j-p-g.net
3 counter.yadro.ru 2 redirects j-p-g.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 mc.yandex.ru 1 redirects j-p-g.net
2 media.reformal.ru j-p-g.net
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 reformal.ru j-p-g.net
1 log.reformal.ru j-p-g.net
1 tab.reformal.ru j-p-g.net
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com j-p-g.net
53 22

This site contains links to these domains. Also see Links.

Domain
jpg.reformal.ru
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://j-p-g.net/
Frame ID: 85116A16198FFC7532FDD7D83FA1C959
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: 4353CB1B02077CEFB703C301FD596274
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Frame ID: 82CB00B902F6A5AE67BD8A2F67D52101
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&adk=1812271804&adf=3025194257&lmt=1629688837&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fj-p-g.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629688837785&bpp=1&bdt=326&idt=113&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x600&nras=1&correlator=3877121872305&frm=20&pv=1&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=124
Frame ID: F0CB3D4A7BB91DCC6B3E25B64CAF77B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D5FDF8133CA55EF708D17800890F3C73
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: 4E0E8556882021B854401196184DEFA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E06C5C25CDF36DB0C6B08B7F5CCC89A4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2972004BDDB5113FD2FDCC365B81A66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Хостинг картинок и изображений для бесплатной загрузки ваших фото | J-P-G ваш лучший фотохостинг

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

53
Requests

72 %
HTTPS

80 %
IPv6

15
Domains

22
Subdomains

21
IPs

5
Countries

1535 kB
Transfer

2263 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9373.Sbh6sN7_suHIqIia5_fssC5TiHbcToyiRRdz7Y2farHDUpN14df0NyvUTfE3udtP.1p_jfeNP_d4-_StZ9wOiP9MNdho%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9373.QFIg5sNP2Tuk_w4Qlak_78g1iPQTlqF97Sid8El4ZbFmoPf7G6hZCS9WPj2ovrr5Vf8aEygN5ZqVSaWhhBRJvA%2C%2C.QbOq_qV99LwjcuY_bVhyx9wTv2E%2C
Request Chain 31
  • https://mc.yandex.com/watch/36833945?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A10405038921%3Ahid%3A78708291%3Az%3A120%3Ai%3A20210823052038%3Aet%3A1629688838%3Ac%3A1%3Arn%3A1005876862%3Au%3A1629688838451987275%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629688837310%3Ads%3A6%2C18%2C122%2C45%2C0%2C0%2C%2C298%2C29%2C%2C%2C%2C447%3Adsn%3A7%2C17%2C122%2C45%2C0%2C0%2C%2C255%2C30%2C%2C%2C%2C447%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629688838%3At%3A%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3 HTTP 302
  • https://mc.yandex.com/watch/36833945/1?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A10405038921%3Ahid%3A78708291%3Az%3A120%3Ai%3A20210823052038%3Aet%3A1629688838%3Ac%3A1%3Arn%3A1005876862%3Au%3A1629688838451987275%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629688837310%3Ads%3A6%2C18%2C122%2C45%2C0%2C0%2C%2C298%2C29%2C%2C%2C%2C447%3Adsn%3A7%2C17%2C122%2C45%2C0%2C0%2C%2C255%2C30%2C%2C%2C%2C447%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629688838%3At%3A%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3
Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
j-p-g.net/ 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
82617f3ecac312a32142c89d22a84dd7ea96673322a4b191384a9e14c71e9b7b

Request headers

Host
j-p-g.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Mon, 23 Aug 2021 03:20:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Set-Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
style.css
j-p-g.net/themes/eugenics/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/themes/eugenics/style.css
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
dd1b6d1dce399f8205c9eb2580701001ff72e303e0bb46b0b52685e44cdb9fd4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Tue, 08 May 2018 01:13:56 GMT
Server
nginx/1.16.1
ETag
"5af0f9d4-491b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18715
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-177202692-1
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
715523c7dab4a14b1585722278a2e4f48c454031fd12484b4dbae5fb71b1a968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41045
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Aug 2021 03:20:37 GMT
eugenic.js
j-p-g.net/themes/eugenics/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/themes/eugenics/eugenic.js
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6a636cfabb41c577fdfc7dccc0f95010390493e3f31e61da6ff949504f266774

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Sun, 02 Mar 2014 13:21:54 GMT
Server
nginx/1.16.1
ETag
"53133072-169e0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92640
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 23 Aug 2021 03:20:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14305058684536401169
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49909
X-XSS-Protection
0
Expires
Mon, 23 Aug 2021 03:20:37 GMT
0972254001629571496.jpg
j-p-g.net/if/2021/08/21/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://j-p-g.net/if/2021/08/21/0972254001629571496.jpg
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f31fa4180d82e69170b3e8d68b3eec4a375afcb25ddcc6a36c7cb343feee9105

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Mon, 23 Aug 2021 00:41:53 GMT
Server
nginx/1.16.1
ETag
"6122eed1-eae5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60133
0980883001629052469.png
j-p-g.net/if/2021/08/15/ 		648 KB
649 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://j-p-g.net/if/2021/08/15/0980883001629052469.png
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9c84480525c8764a1938681c29ba678902f6e29007a34f7696a2904047fff574

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Mon, 23 Aug 2021 00:41:54 GMT
Server
nginx/1.16.1
ETag
"6122eed2-a217a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
663930
0475878001628970835.jpg
j-p-g.net/if/2021/08/14/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://j-p-g.net/if/2021/08/14/0475878001628970835.jpg
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ab3d95e7137d330aa4d1ec6588304342a6cc883f82b0936d8e3ef0084ac34356

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Mon, 23 Aug 2021 00:41:54 GMT
Server
nginx/1.16.1
ETag
"6122eed2-257c5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
153541
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-177202692-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6243
date
Mon, 23 Aug 2021 01:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 23 Aug 2021 03:36:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 03:20:37 GMT
eugenics.woff
j-p-g.net/themes/eugenics/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/themes/eugenics/eugenics.woff?5167209
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/themes/eugenics/style.css
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5aee01ec435fb8dca18fcce4f10324a1813d5c1006df335ade5be314373449d5

Request headers

Pragma
no-cache
Origin
http://j-p-g.net
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://j-p-g.net/themes/eugenics/style.css
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Origin
http://j-p-g.net
Referer
http://j-p-g.net/themes/eugenics/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Wed, 08 Jan 2014 00:34:22 GMT
Server
nginx/1.16.1
ETag
"81f4-4ef6aa776df80"
Content-Type
application/font-woff
Cache-Control
max-age=30
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33268
Expires
Mon, 23 Aug 2021 03:21:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame 4353 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210816/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://j-p-g.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://j-p-g.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 22 Aug 2021 08:37:30 GMT
expires
Sun, 05 Sep 2021 08:37:30 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
67387
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 03:20:42 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 Aug 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 03:20:42 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//j-p-g.net/;0.779096310524241
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 22 Aug 2020 21:00:00 GMT
reformal.js
media.reformal.ru/widgets/v3/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://media.reformal.ru/widgets/v3/reformal.js
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2016 09:51:47 GMT
Server
nginx/1.16.1
ETag
W/"57208bb3-3b0d"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
watch.js
mc.yandex.ru/metrika/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
92ae9164e146e6632e225064e9fe8a93046ccd91978ac0831fe47802c3a0c2f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
br
last-modified
Fri, 20 Aug 2021 14:26:38 GMT
etag
"611fb217-bac9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47817
expires
Mon, 23 Aug 2021 04:20:37 GMT
style.css
j-p-g.net/themes/eugenics/ 		18 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/themes/eugenics/style.css
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/themes/eugenics/eugenic.js
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3520d229bd767ee2d1a5078c2fd33dac025dabc8421fab155f4dd0760243be66

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Tue, 08 May 2018 01:13:56 GMT
Server
nginx/1.16.1
ETag
"5af0f9d4-491b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18715
style.css
j-p-g.net/themes/eugenics/ 		18 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://j-p-g.net/themes/eugenics/style.css
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/themes/eugenics/eugenic.js
Protocol
HTTP/1.1
Server
91.211.88.52 Dnipro, Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3520d229bd767ee2d1a5078c2fd33dac025dabc8421fab155f4dd0760243be66

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
j-p-g.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://j-p-g.net/
Cookie
PHPSESSID=sfi7o4a9v5njoqq80eduvb5925
Connection
keep-alive
Cache-Control
no-cache
Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:37 GMT
Last-Modified
Tue, 08 May 2018 01:13:56 GMT
Server
nginx/1.16.1
ETag
"5af0f9d4-491b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18715
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=33874567&t=pageview&_s=1&dl=http%3A%2F%2Fj-p-g.net%2F&ul=en-us&de=UTF-8&dt=%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=8814549&gjid=724165971&cid=697470565.1629688838&tid=UA-177202692-1&_gid=1760672846.1629688838&_r=1&gtm=2ou8i0&z=266840334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://j-p-g.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=33874567&t=pageview&_s=1&dl=http%3A%2F%2Fj-p-g.net%2F&ul=en-us&de=UTF-8&dt=%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1325782579&gjid=493286190&cid=697470565.1629688838&tid=UA-76517130-1&_gid=1760672846.1629688838&_r=1&_slc=1&z=1902570926
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://j-p-g.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=j-p-g.net&callback=_gfp_s_&client=ca-pub-3983512887981218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0488fbb2f579f5e2fcd3415b346d62c2bf59f8ecda661ae84c1262f96cb47a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=j-p-g.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=j-p-g.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 82CB 		83 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49516b98a57922f88d75b22495ad4e1772b5db8397a90aaa649c9e8b2d362e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://j-p-g.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://j-p-g.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 03:20:38 GMT
server
cafe
content-length
28223
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 23-Aug-2021 03:35:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 03:20:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:20:37 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-177202692-1&cid=697470565.1629688838&jid=8814549&gjid=724165971&_gid=1760672846.1629688838&_u=YEBAAUAAAAAAAC~&z=309313139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 23 Aug 2021 03:20:37 GMT
content-type
text/plain
access-control-allow-origin
http://j-p-g.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F0CB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&adk=1812271804&adf=3025194257&lmt=1629688837&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fj-p-g.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629688837785&bpp=1&bdt=326&idt=113&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x600&nras=1&correlator=3877121872305&frm=20&pv=1&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c28a766c97866e796acbde137795496708e0092eaa0b20346eb41d1f0879d9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3983512887981218&output=html&adk=1812271804&adf=3025194257&lmt=1629688837&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fj-p-g.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629688837785&bpp=1&bdt=326&idt=113&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x600&nras=1&correlator=3877121872305&frm=20&pv=1&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://j-p-g.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://j-p-g.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 03:20:38 GMT
server
cafe
content-length
4365
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 23-Aug-2021 03:35:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 03:20:38 GMT
cache-control
private
tab.png
tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/cccccc/8440ac472a694db51fd8f54bf2c1aea2/bottom-right/1/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/cccccc/8440ac472a694db51fd8f54bf2c1aea2/bottom-right/1/tab.png
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
50376f8e6c8210557ecaf1010d6adf833c4ba05a3a97391c6b6f342fdd3c516a

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:38 GMT
Last-Modified
Fri, 20 Aug 2021 18:44:30 GMT
Server
nginx/1.16.1
Content-Type
image/png
Cache-Control
max-age=864000
Connection
keep-alive
Content-Length
7521
Expires
Thu, 02 Sep 2021 03:20:38 GMT
st.php
log.reformal.ru/ 		43 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://log.reformal.ru/st.php?w=3&pid=971373
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:38 GMT
Server
nginx/1.16.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
971373%7CaHR0cDovL2otcC1nLm5ldC8=%7C%7C4599
reformal.ru/human_check/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://reformal.ru/human_check/971373%7CaHR0cDovL2otcC1nLm5ldC8=%7C%7C4599
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:38 GMT
Last-Modified
Fri, 20 Dec 2013 07:24:29 GMT
Server
nginx/1.16.1
ETag
"52b3f0ad-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9373.Sbh6sN7_suHIqIia5_fssC5TiHbcToyiRRdz7Y2farHDUpN14df0NyvUTfE3udtP.1p_jfeNP_d4-_StZ9wOiP9MNdho%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9373.QFIg5sNP2Tuk_w4Qlak_78g1iPQTlqF97Sid8El4ZbFmoPf7G6hZCS9WPj2ovrr5Vf8aEygN5ZqVSaWhhBRJvA%2C%2C.QbOq_qV99LwjcuY_bVhyx9wTv2E%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9373.QFIg5sNP2Tuk_w4Qlak_78g1iPQTlqF97Sid8El4ZbFmoPf7G6hZCS9WPj2ovrr5Vf8aEygN5ZqVSaWhhBRJvA%2C%2C.QbOq_qV99LwjcuY_bVhyx9wTv2E%2C
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:38 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9373.QFIg5sNP2Tuk_w4Qlak_78g1iPQTlqF97Sid8El4ZbFmoPf7G6hZCS9WPj2ovrr5Vf8aEygN5ZqVSaWhhBRJvA%2C%2C.QbOq_qV99LwjcuY_bVhyx9wTv2E%2C
date
Mon, 23 Aug 2021 03:20:38 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:38 GMT
last-modified
Fri, 20 Aug 2021 14:26:38 GMT
etag
"611fb217-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 23 Aug 2021 04:20:38 GMT
gb.png
media.reformal.ru/widgets/v3/ 		121 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://media.reformal.ru/widgets/v3/gb.png
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
7f12ae569ada461896fd0b8c68a0464d0d3da01c313c5e9d69130c4a765b7633

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 03:20:38 GMT
Last-Modified
Wed, 27 Apr 2016 09:51:47 GMT
Server
nginx/1.16.1
ETag
"57208bb3-79"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.com/watch/36833945/
Redirect Chain
  • https://mc.yandex.com/watch/36833945?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
  • https://mc.yandex.com/watch/36833945/1?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
335 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/36833945/1?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A10405038921%3Ahid%3A78708291%3Az%3A120%3Ai%3A20210823052038%3Aet%3A1629688838%3Ac%3A1%3Arn%3A1005876862%3Au%3A1629688838451987275%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629688837310%3Ads%3A6%2C18%2C122%2C45%2C0%2C0%2C%2C298%2C29%2C%2C%2C%2C447%3Adsn%3A7%2C17%2C122%2C45%2C0%2C0%2C%2C255%2C30%2C%2C%2C%2C447%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629688838%3At%3A%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3
Requested by
Host: j-p-g.net
URL: http://j-p-g.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c873df6204344499c2aeef97ecaf73089cc82280c3a478d382f2701ae572289f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 23-Aug-2021 03:20:38 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://j-p-g.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Mon, 23-Aug-2021 03:20:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:38 GMT
last-modified
Mon, 23-Aug-2021 03:20:38 GMT
location
/watch/36833945/1?wmode=7&page-url=http%3A%2F%2Fj-p-g.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15pe9g%3Afp%3A472%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A10405038921%3Ahid%3A78708291%3Az%3A120%3Ai%3A20210823052038%3Aet%3A1629688838%3Ac%3A1%3Arn%3A1005876862%3Au%3A1629688838451987275%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629688837310%3Ads%3A6%2C18%2C122%2C45%2C0%2C0%2C%2C298%2C29%2C%2C%2C%2C447%3Adsn%3A7%2C17%2C122%2C45%2C0%2C0%2C%2C255%2C30%2C%2C%2C%2C447%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629688838%3At%3A%D0%A5%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BE%D0%BA%20%D0%B8%20%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B8%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%84%D0%BE%D1%82%D0%BE%20%7C%20J-P-G%20%D0%B2%D0%B0%D1%88%20%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D1%84%D0%BE%D1%82%D0%BE%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3
strict-transport-security
max-age=31536000
access-control-allow-origin
http://j-p-g.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 23-Aug-2021 03:20:38 GMT
css
fonts.googleapis.com/ Frame 82CB 		3 KB
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 02:47:52 GMT
server
ESF
date
Mon, 23 Aug 2021 03:20:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 03:20:38 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 82CB 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 02:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 02:55:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 82CB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 03:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 82CB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 02:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 02:50:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82CB 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:20:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 82CB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 03:08:35 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame 82CB 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 82CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDR1zBRQjYeuqN7aZrASH5IGwCf3-pMJk_8zn57EOmabuxscYEAEgub2iSmCVAqABt5vOvgPIAQGpAjDVE-QdobM-qAMByAPLBKoEpwFP0FM4LroXOLPao7TlKxa9RHRzxPepgvJDTGL75CFsyenQJQFauhXnPg0tIDJLPQPoBQWrPkhv6j_a1SC0vLPiaUspSy9-V_3RqnK7ULrTrJGyO-9zs5vS280IXAZb4g__rvILzDRHVCJP67ZaKMKHBy4acwr52fM_VAWo3naBtYj-SCIT53l_-7SFEYbrrI5lHDNxXYIrKwVp-5RO-TwuZ-gM5XJwH8AElu23nqIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB7HksUGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQxNUE0ggJCIDhgBAQARgfgAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTM5ODM1MTI4ODc5ODEyMTgYAA&sigh=HcFi-iwTQ5U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 23 Aug 2021 03:20:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:20:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D5FD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn-mkNzu2M5xfawZ8O2Fct2CabDNsXgCweI7ncZiV1eom1ZrZaWxM2vbsoCjJM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 02:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 82CB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95f894a24463cb5ee31af2e09db69b952d427902b231ff58e596f6b538f4402d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 82CB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
443967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:11 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 82CB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:03 GMT
x-content-type-options
nosniff
age
443975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf880b7a7b1b91cb051d343019fa62ea605a2ea15c1560e3b0dd497d7cfed287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 03:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8409
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D5FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn-mkNzu2M5xfawZ8O2Fct2CabDNsXgCweI7ncZiV1eom1ZrZaWxM2vbsoCjJM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 03:20:38 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 23-Aug-2021 04:20:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 03:20:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 03:20:38 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame 4E0E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3983512887981218&output=html&h=600&slotname=2303900491&adk=3582482579&adf=1755224727&pi=t.ma~as.2303900491&w=240&fwrn=4&fwrnh=100&lmt=1629688837&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Fj-p-g.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1629688837710&bpp=31&bdt=252&idt=157&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3877121872305&frm=20&pv=2&ga_vid=697470565.1629688838&ga_sid=1629688838&ga_hid=33874567&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31060049%2C20211866%2C31062297&oid=3&pvsid=676994365502016&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nvHJlxoLp0&p=http%3A//j-p-g.net&dtd=173
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 03:18:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3983512887981218&plah=j-p-g.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:20:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E06C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://j-p-g.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://j-p-g.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 22 Aug 2021 22:03:57 GMT
expires
Mon, 22 Aug 2022 22:03:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
19001
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C297 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bb33621c26195226a8f472ceb9f0b39ee13a35bd744137a60784ddfec5aa8bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S9Pga9uQ2pKE57EULbSUgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://j-p-g.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://j-p-g.net/

Response headers

expires
Mon, 23 Aug 2021 03:20:38 GMT
date
Mon, 23 Aug 2021 03:20:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-S9Pga9uQ2pKE57EULbSUgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame E06C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 03:18:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=676994365502016&bg=!cnGlcTXNAAZvV8FTb1c7ACkAdvg8WoFW-CFEk-8ASrgrSmrH_r8nAeW45vR4MjMvB2ptxZlEdf2XAAIAAABEUgAAAApoAQcKAMCGE-I2uDGFvWfstY-fvWeuBHdbdKrxPCkUhNorlANYq8hhA2yJXBaPA8BTkkMuwFtKkUTuCckir-WvS1gsWzBp1NMamlXLl9Pf9zvk5mdFNYWz-pKnQky8LeX4rqcDUDfW0S5HtiUt-q5m9Lnb2MVvc8aLyH4iq_Y492CjeTmCCbn77qGxOEjP-TS6i7OXaX88qSUuCCTiT1QIijSm3weObkVY0A3Vk844GDOpwb-Z3um3OyrEw2_7gLSH9VpR03KZAmX0NAR_gJNb9E5iJrpl4veoAQyqhyGnK-M-35LcsOILMLKy278btruPcMNdECtRLv1k17qFGUvZjE7X8IkSDKgSZoFcLvxErSyGZj0EX9wa9vWJbqPyEZ5hWHf06givf5yg_oD1ND14QTvLbPQZWT1gyQK4ECoQNHs9V0IOo2C8uy5B_JX4Fcpn9_fH1d2svNgI6V5BUXzyd0hxCEFd2es8kcOc8Fc6GDLqbCHhOwpBtYqJ5Vyk8chqIo_U0J84D8UymfkEr7DlRBgwgvUIUQCNgYurP-zT3lVYl_5kM7fHjecVjTAdP4QCkxIJLoI-o3BEuR3ouyNOKFdcoufK4orA9ORQ0_4qr0kQg0oguQXNt7ZBG4psglqR9wkEbb1cfoBnnD4lAOrVTLOQCJyx3vVisBjfv9cjy2nliIQEKwh_RAgc7lRs9G0Jgmui6BVtPh-7e97f5SavmJyybPVdsBhkSIwYqbYmjyfxML5aM6NMNQUvYxjhTQhRlYXVNu-TfoHEhtcoqpAI__NhK43HyTxWKGkVdjoWxmaMaZWxtWsbaue-ZcK41ZEqU1SCTiWKzKbtmO4W96M4M8_sHP4wZkM1YZAtw6OmgQig-9F1ZDvUcc27yagKRHePnkwpX-bnxyixUB0kFvJ7oxciRLK0trGQhZvygnIUQfDynnloBjogYkwEkkPTOan2vCrvUZ3UxNcPdvHT84mYSJ_Yfa-oRa151B8kz_1oZSqLQAguhSYZKuwdVytfjCY9HuK6XVZRRaOiXovszgLUFB2rnd3bwPehN-mWoM-6ZL3wy3L9X--4_ARhUknD
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://j-p-g.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 82CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw3dm5OPPQw2iEyhe6MzaK0e4XHZI8ra6fEvrD9VH17RqbWj25CsRIqux22pIZgPyCYo2mYc0JUd0P0QyRsngb0WxMiZBA6QVpscTSXsRHTH24wBi_3Ma_zXYy9A&sai=AMfl-YRnLROU52VuhZwQ15vcg2NDzczDETwQP6nUWT_OPAbcGv7uThzcUrPnebn4ruCZsw8vod-wNuW8umjl&sig=Cg0ArKJSzNM2LDv7g_iREAE&id=lidar2&mcvt=1000&p=516,5,1116,245&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3582482579&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629688837888&dlt=518&rpt=92&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 03:20:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| docSel function| Form function| modal function| modalclose function| $ function| jQuery object| StyleFix object| PrefixFree object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| reformalOptions object| google_persistent_state_async object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| Reformal string| prop object| Tab object| Widget string| str function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter36833945 object| googletag object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn-mkNzu2M5xfawZ8O2Fct2CabDNsXgCweI7ncZiV1eom1ZrZaWxM2vbsoCjJM
.j-p-g.net/ Name: _ym_visorc
Value: w
.j-p-g.net/ Name: _ym_uid
Value: 1629688838451987275
.j-p-g.net/ Name: __gads
Value: ID=d2a922cdd5c9908e-22555c36b3c900b0:T=1629688837:RT=1629688837:S=ALNI_MakwFs-LGF6SODVC4mM_1Wq6EbY8g
.j-p-g.net/ Name: _ym_d
Value: 1629688838
.j-p-g.net/ Name: _gid
Value: GA1.2.1760672846.1629688838
.j-p-g.net/ Name: _ga
Value: GA1.2.697470565.1629688838
.j-p-g.net/ Name: _ym_isad
Value: 2
j-p-g.net/ Name: PHPSESSID
Value: sfi7o4a9v5njoqq80eduvb5925
.j-p-g.net/ Name: _gat
Value: 1
.j-p-g.net/ Name: _gat_gtag_UA_177202692_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j-p-g.net
log.reformal.ru
mc.yandex.com
mc.yandex.ru
media.reformal.ru
pagead2.googlesyndication.com
partner.googleadservices.com
reformal.ru
stats.g.doubleclick.net
tab.reformal.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
139.162.151.130
142.250.185.98
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9b
2a02:6b8::1:119
88.212.201.198
91.211.88.52
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0488fbb2f579f5e2fcd3415b346d62c2bf59f8ecda661ae84c1262f96cb47a5a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3520d229bd767ee2d1a5078c2fd33dac025dabc8421fab155f4dd0760243be66
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
49516b98a57922f88d75b22495ad4e1772b5db8397a90aaa649c9e8b2d362e95
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50376f8e6c8210557ecaf1010d6adf833c4ba05a3a97391c6b6f342fdd3c516a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aee01ec435fb8dca18fcce4f10324a1813d5c1006df335ade5be314373449d5
5bb33621c26195226a8f472ceb9f0b39ee13a35bd744137a60784ddfec5aa8bc
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6a636cfabb41c577fdfc7dccc0f95010390493e3f31e61da6ff949504f266774
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
715523c7dab4a14b1585722278a2e4f48c454031fd12484b4dbae5fb71b1a968
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7f12ae569ada461896fd0b8c68a0464d0d3da01c313c5e9d69130c4a765b7633
82617f3ecac312a32142c89d22a84dd7ea96673322a4b191384a9e14c71e9b7b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
92ae9164e146e6632e225064e9fe8a93046ccd91978ac0831fe47802c3a0c2f1
95f894a24463cb5ee31af2e09db69b952d427902b231ff58e596f6b538f4402d
9c84480525c8764a1938681c29ba678902f6e29007a34f7696a2904047fff574
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab3d95e7137d330aa4d1ec6588304342a6cc883f82b0936d8e3ef0084ac34356
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
bf880b7a7b1b91cb051d343019fa62ea605a2ea15c1560e3b0dd497d7cfed287
c28a766c97866e796acbde137795496708e0092eaa0b20346eb41d1f0879d9aa
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c873df6204344499c2aeef97ecaf73089cc82280c3a478d382f2701ae572289f
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
dd1b6d1dce399f8205c9eb2580701001ff72e303e0bb46b0b52685e44cdb9fd4
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31fa4180d82e69170b3e8d68b3eec4a375afcb25ddcc6a36c7cb343feee9105