www.jagoanssh.com Open in urlscan Pro
2606:4700:3035::ac43:b6be Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ge.vmes.xyz/
Effective URL:
https://www.jagoanssh.com/
Submission: On June 23 via manual (June 23rd 2021, 8:44:56 am UTC) from IN

Summary HTTP 136 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3035::ac43:b6be, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jagoanssh.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2021. Valid for: a year.

This is the only time www.jagoanssh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.38.158.148 54.38.158.148	16276 (OVH) (OVH)
1 2	2606:4700:303... 2606:4700:3030::6815:12a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3035::ac43:b6be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:ce00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:f800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	23.21.55.36 23.21.55.36	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
136	24

1 54.38.158.148 (Germany)

ASN16276 (OVH, FR)
PTR: vps-166c69d4.vps.ovh.net

ge.vmes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:12a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jagoanssh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3035::ac43:b6be (United States)

ASN13335 (CLOUDFLARENET, US)

www.jagoanssh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:ce00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.21.55.36 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-55-36.compute-1.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	406 KB
27	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	244 KB
24	jagoanssh.com 1 redirects jagoanssh.com www.jagoanssh.com	576 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	162 KB
7	google.com 4 redirects adservice.google.com www.google.com	2 KB
5	googletagservices.com www.googletagservices.com	177 KB
4	jsdelivr.net cdn.jsdelivr.net	11 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	optad360.io get.optad360.io cmp.optad360.io	224 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	760 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	455 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	440 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	vmes.xyz ge.vmes.xyz	1 KB
136	21

	Domain	Requested by
34	tpc.googlesyndication.com	ge.vmes.xyz googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	www.jagoanssh.com	ge.vmes.xyz www.jagoanssh.com ajax.cloudflare.com static.cloudflareinsights.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com ge.vmes.xyz googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cdn.jsdelivr.net	www.jagoanssh.com ajax.cloudflare.com get.optad360.io ge.vmes.xyz
4	fonts.googleapis.com	www.jagoanssh.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	www.google-analytics.com	ge.vmes.xyz www.google-analytics.com
2	get.optad360.io	ajax.cloudflare.com get.optad360.io
2	jagoanssh.com	1 redirects ge.vmes.xyz
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cmp.optad360.io	ajax.cloudflare.com
1	static.cloudflareinsights.com	www.jagoanssh.com
1	ajax.cloudflare.com	www.jagoanssh.com
1	ge.vmes.xyz
136	28

This site contains links to these domains. Also see Links.

Domain
serverssh.net
panel.jagoanssh.com
fakemail.my.id
linkconfig.com
play.google.com
facebook.com
jagoanssh.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-19` - `2022-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.jagoanssh.com/
Frame ID: 7FD61A1049C9E7D221A5CE82A035EC1A
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html
Frame ID: 96B0FA45F77445F08DF48875E25F817B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&adk=1812271804&adf=3025194257&lmt=1624437871&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871734&bpp=3&bdt=484&idt=105&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6409373814358&frm=20&pv=2&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: D4B010E835463281A914995AF6CEB576
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145
Frame ID: AC2B0A7A3B75DD033B174DF31ECF4311
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150
Frame ID: 5412C38DAF2E840393CF0B44F9669178
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14
Frame ID: 3557A963472A7AD2494B5082132106D6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17
Frame ID: 3D25DE100415D73785D29F39E8B87E6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=60&adk=2499841291&adf=3132389021&pi=t.aa~a.3809525152~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x60&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=787&idt=0&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90%2C1200x90&nras=4&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Qcnu5S4jg&p=https%3A//www.jagoanssh.com&dtd=20
Frame ID: F21B44C6BC4088D2AAFB49868AB50E96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html
Frame ID: BD6874E8B5FB5756B8882E4916333D6B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSzp3cPTSYNa8BM_z3wOw7q6wBd21k7ZjuayOrosOy_GmmP0lEAEg78biamCVAqAB6JnQ0gPIAQmoAwHIA0iqBLIBT9A47Zu-u2Ay7MkU52nAcTFRm1dMO0Y_Z4ZFUXXFtoybzC9VH8KLSDaPyln9fW9TeXhXrCa55XdesxmDJ6TRhL5fLjTu4caO2tltztRjZt7jHtz7G-9OnNL1tZu9al0fO2eIiStP7Q1tMGMAagesbuKp2s-9jt_pkPvT0Z4gleKdUhNnAfhY0VYtbrw2W3rXnVtD79n58RtBDJ9lexxHbF61GSvG2MMhBntDFddbaA5jP8AE9cDts8kDkgUECAQYAZIFBAgFGASgBi6AB4Dmry2oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQn8kG0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshcaChgIABIUcHViLTI2ODAwODU3NjY4ODAwNzY&sigh=KkNlewqmtI8&template_id=419
Frame ID: EC66AE9A595D5B32B82F275C09B5667C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4A8191A64BB3AF376133F50272286300
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: E43356374D28E3E1EACF83718337E9E0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74A860F0048DC65B6EE57A5021396C98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 55FBD8DB5C009371D9E522DC42534011
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 89E134E835B7404DE7B6B3BEDA268C6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BAE690BF376C5E2B61FB410AB44CD639
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F855F66538B0DB432276B9BD5EBD486F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: 98C1A8E7695935B0513C024A1AB2A1F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: F8E7E08A84FE88AE52B5EB38EFEB3845
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ge.vmes.xyz/ Page URL
http://jagoanssh.com/ HTTP 301
https://www.jagoanssh.com/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

136
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

1834 kB
Transfer

4539 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://serverssh.net/
Title: ServerSSH.net New

Search URL Search Domain Scan URL

URL: https://panel.jagoanssh.com/
Title: PREMIUM SSH VVIP

Search URL Search Domain Scan URL

URL: https://fakemail.my.id/
Title: Fake Gmail

Search URL Search Domain Scan URL

URL: https://linkconfig.com/
Title: Linkconfig.com

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=app.s.jagoanssh_com

Search URL Search Domain Scan URL

URL: https://facebook.com/jagoanssh

Search URL Search Domain Scan URL

URL: https://jagoanssh.com/
Title: Jagoanssh.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ge.vmes.xyz/ Page URL
http://jagoanssh.com/ HTTP 301
https://www.jagoanssh.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbTsgc1J0aOu-z-vm6WzCRh6Qmh0xYUMIputUPvWxpNIjW4Hx23ylfTvJr4&google_gid=CAESEDwk4aInYlR2ZAc6MuCw-R8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5MMGNBQUFBY1c0cWgyZQ&google_push=AYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbTsgc1J0aOu-z-vm6WzCRh6Qmh0xYUMIputUPvWxpNIjW4Hx23ylfTvJr4

Request Chain 127

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSRugcN-ksLzMsXYDm9DWXAiTIdoR_2g&google_gid=CAESEGs2YhYbqr_m228cruqreoI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSRugcN-ksLzMsXYDm9DWXAiTIdoR_2g&google_gid=CAESEGs2YhYbqr_m228cruqreoI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjMwODQ0MzMyMzA4NDc5MTE3MzI1OQ%3D%3D&google_push=AYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSRugcN-ksLzMsXYDm9DWXAiTIdoR_2g

Request Chain 128

https://rtb.openx.net/sync/dds?google_gid=CAESED2OI2u9QpvAQdr8DJ2S6So&google_cver=1&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESED2OI2u9QpvAQdr8DJ2S6So&google_cver=1&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&google_hm=ssVVeV-QwQYpeGwAo_DS3g==

Request Chain 129

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK-I7DHWY3eaU4q-NDd9TI4&google_cver=1&google_push=AYg5qPJJggfoJK3IKtt4O8Mxxus2sWmey0JLs4QSnlT8RBnwOupnPZx7fHY-lOIbs_BOkc186LgEgtcYiEOW0Tq7g2zCat9ivFE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK-I7DHWY3eaU4q-NDd9TI4&google_cver=1&google_push=AYg5qPJJggfoJK3IKtt4O8Mxxus2sWmey0JLs4QSnlT8RBnwOupnPZx7fHY-lOIbs_BOkc186LgEgtcYiEOW0Tq7g2zCat9ivFE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jMnXwAFYQIyXlhKuh2Bgbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJggfoJK3IKtt4O8Mxxus2sWmey0JLs4QSnlT8RBnwOupnPZx7fHY-lOIbs_BOkc186LgEgtcYiEOW0Tq7g2zCat9ivFE

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBQFphPaxC3_DNF-RQluMUs&google_cver=1&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY6tOuSTX2gxPeDgyt4ejCoKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E5OEQ4S08tMVYtOFQy&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY6tOuSTX2gxPeDgyt4ejCoKQ

Request Chain 131

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_cver=1&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
ge.vmes.xyz/ 2 KB
1 KB 32ms
8ms Document
text/html 54.38.158.148
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ge.vmes.xyz/
Protocol: HTTP/1.1
Server: 54.38.158.148 , Germany, ASN16276 (OVH, FR),
Reverse DNS: vps-166c69d4.vps.ovh.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9ba1a1bebdc7c7ab0c13d45a532c6dcd576227ad003d5d5fde4c6e6103d7caaf

Request headers

Host: ge.vmes.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 23 Jun 2021 08:44:25 GMT
Content-Type: text/html
Last-Modified: Tue, 16 Feb 2021 10:04:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"602b98bd-871"
Content-Encoding: gzip

GET
H/1.1 403
Forbidden favicon.png
jagoanssh.com/ 0
0 54ms
38ms Image
text/html 2606:4700:3030::6815:12a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jagoanssh.com/favicon.png
Requested by: Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ge.vmes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

Primary Request / Show response
www.jagoanssh.com/
Redirect Chain

http://jagoanssh.com/
https://www.jagoanssh.com/

25 KB
7 KB

435ms
403ms

Document
text/html

2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/
Requested by: Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 0c162b496040ef607eba3ac23a08c4567aa8bafa1fb806d8d54fb5df834657ad

Request headers

:method: GET
:authority: www.jagoanssh.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://ge.vmes.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ge.vmes.xyz/

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 0ad9a3e8fe00004ee65329f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PXEQt2%2FSkOkpsKo3tbEQI%2F%2BaTYZs9P0DjWSqfJ5RjOnY1eH6hWmBpUPGNo6A5Akz5IPRRVndSDkN4YsGob7lfuOAKORBpiUH%2BIRPHsig4jd35lTpIce0BhS1GXp2OWcE9k9Ug3VHEHgVb2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 663c6f54cdb94ee6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 23 Jun 2021 08:44:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://www.jagoanssh.com/
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 0ad9a3e7d80000dfcbfe9e1000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5R2XsE5Q5kkfc04aR7%2BJYkE39u16AW0tWBoFHwPJaONxuTJ5cUKgz%2FUHolJHPFp50KHlVyFwg1yXejft0so%2F0L2TXc1jWSOhicyC7EqL0OQQA%2FRZSMPWtz35%2FRdgGfYpV1laYKfmUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 663c6f52fb53dfcb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
637 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f560b5f8e34f59c0aff734c9a8baccf493750c85e4b7d3edb6cd1d88518a16ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 07:04:29 GMT
server: ESF
date: Wed, 23 Jun 2021 08:44:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H3-29 200 styles-merged.css
www.jagoanssh.com/scss/css/ 236 KB
33 KB 52ms
37ms Stylesheet
text/css 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/css/styles-merged.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a

Request headers

:path: /scss/css/styles-merged.css
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 431318
cf-polished: origSize=276442
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eaa700002c2610905000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=47sT3xjTxYGIsW7XXSl0hq%2FVaLhPh8rVfEa2LCSUt7qhLi0WVCHdfN%2FaN0MyPXuoEAMs1zzNxzeOHjkrTP1k8ydwBtQEoNm19ysLwVe5gN5IEKUpEoMei0CXr978RTFtJEhD8gjNZWtbgNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f577abd2c26-FRA
expires: Fri, 25 Jun 2021 08:55:53 GMT

GET
H3-29 200 style.min.css
www.jagoanssh.com/scss/css/ 27 KB
5 KB 58ms
43ms Stylesheet
text/css 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/css/style.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f

Request headers

:path: /scss/css/style.min.css
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 434490
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eaa800002c26ca1ef000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nFFSHiD6EVF9Xgsvk6BULDFCHY1nqeztZropL4ql%2Fb3VlpX%2FZztNhPFSNwtT4Fx9HdViLBW0DVc6Guq%2Fq7u2DIwmcimaePadykyxRunr2lf9CpgB%2F3EPDZuIpPVQE3tOtKESD9rTcQaGPKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f577ac72c26-FRA
expires: Fri, 25 Jun 2021 08:03:01 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 78ms
60ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30105
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eacd000005d451139000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 663c6f57a88f05d4-FRA

GET
H3-29 200 bootstrap.min.css
www.jagoanssh.com/scss/lib/lib/bootstrap/css/ 152 KB
21 KB 73ms
59ms Stylesheet
text/css 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/bootstrap/css/bootstrap.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

:path: /scss/lib/lib/bootstrap/css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 434490
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eaa600002c2622971000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oA4ZH%2F86zK7xYeRRu%2FgulD1L31WiwIgdhRTlbciFxg%2FcPFZPVqWl6tOl74tMTyXVU69Rj%2ByfDi5Z0KZ3c54xQONxDl7ugI5hwzUFRJBVMIb0R5Vuo%2BEaQGUEIUewM2ZB50NzSdlVfpI0UWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f577ab82c26-FRA
expires: Fri, 25 Jun 2021 08:03:01 GMT

GET
H3-29 200 style.css
www.jagoanssh.com/scss/lib/css/ 20 KB
5 KB 51ms
37ms Stylesheet
text/css 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/css/style.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58

Request headers

:path: /scss/lib/css/style.css
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 434490
cf-polished: origSize=26956
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eaa700002c26092ea000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=td8X%2Bz3scycUaKHQzPbQmvpVicq8XDOG%2F5F5b29D%2Fw0lBrt6DTGckeW8Zuh52G4ZRu8HkaiCUT%2BQPWYNk9Su5yQopPA%2BYUAiQOMnRiaoUyCFPppf%2FNonYzQFEdmshSVLC1gUVYoj2tN5QAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f577aba2c26-FRA
expires: Fri, 25 Jun 2021 08:03:01 GMT

GET
H3-29 200 font-awesome.min.css
www.jagoanssh.com/scss/lib/lib/font-awesome/css/ 30 KB
7 KB 50ms
37ms Stylesheet
text/css 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /scss/lib/lib/font-awesome/css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 434490
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eaa600002c26d10b5000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RvA%2Biohn2B4EXLZU330WvcoxhxubOoVBGooKfblgomnRkBqI6y0jT6WQmimNCKGS79zee9DCxZpgNj751kJ7Zjmw7QPkUTA31fvLGj5%2BWpqUtnJ1HSVaBFDF6qEjnBc5q0hjtEpuLDbMtiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f577ab42c26-FRA
expires: Fri, 25 Jun 2021 08:03:01 GMT

GET
H3-29 200 api.js Show response
www.jagoanssh.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 29ms
17ms Script
text/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jagoanssh.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wtsbNaE0gYUxL2EnobVt6633rnna37S8ScGsp7wfAWMOm%2B%2FJXHow1k7O5cFDTo%2F94SQZUY4qjqa6wvMtO9OGz3agembOWShAVPgR5kh%2BFmu2D7ZsB1BVeVcUyd2tV3CUq7mqKKR9%2FkcthwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 663c6f576aaf2c26-FRA
cf-request-id: 0ad9a3eaa600002c2615879000000001

GET
H3-29 200 logo.png
www.jagoanssh.com/ 3 KB
4 KB 55ms
43ms Image
image/png 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/logo.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed

Request headers

:path: /logo.png
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426737
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3300
cf-request-id: 0ad9a3eaa700002c26c087f000000001
last-modified: Thu, 21 May 2020 08:32:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bk17fMbvvO8pH8YG8UUSn2V7KB%2Bx%2B7i%2Btf6l%2BAReowxlIbQJnhRyncxEZeCgmKtX8J2kzhdp4ELs1oOOcsqiit3pxklD9brvrM78E8k%2BzOt6T7v7F%2Fn60OMwdWwlQZLhdHwGizMgVa7O7ss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 663c6f577ac12c26-FRA
expires: Fri, 25 Jun 2021 10:12:14 GMT

GET
H3-29 200 home.png
www.jagoanssh.com/negara/ 196 KB
196 KB 36ms
24ms Image
image/png 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/negara/home.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6

Request headers

:path: /negara/home.png
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 431827
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 200221
cf-request-id: 0ad9a3eaa900002c26ff076000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p7llLHM6Vt3ncyylESFgldZPtRewP6ZMMFXmtyFWszB14XkgALcCMt4Gc0hVVSdTxN2nyKG%2FCzvzDrXh7GrAs8Yn6Cfy37f1GNayZBHuTJzMzzms8WxZjqT58UuKKKf8t4cOW8yoBFDW6BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 663c6f577ac82c26-FRA
expires: Fri, 25 Jun 2021 08:47:24 GMT

GET
H3-29 200 playstore.png
www.jagoanssh.com/assets/img/ 14 KB
14 KB 68ms
56ms Image
image/png 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jagoanssh.com/assets/img/playstore.png
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Request headers

:path: /assets/img/playstore.png
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426708
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13957
cf-request-id: 0ad9a3eab100002c26d10b7000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QpWtQFR4efKeLDI3EvX5qGv%2FiB89Oh44rQ6pdHD4aaaLJSblN8G0qnNaVZi1fWSjWrIH8aRS%2F%2FjoOQoNrRtHXtF6cm3n%2FkO07usqwWhNBIY8%2BQzJ3LzNtfqU9g5Yq26o2AXR3LXn4Vuae9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 663c6f577ad42c26-FRA
expires: Fri, 25 Jun 2021 10:12:43 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 32ms
15ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0ad9a3eaab00004a8c1ca80000000001
last-modified: Thu, 17 Jun 2021 15:00:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60cb6384-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g4XAQ355nv5a3ngBPyqlrZ6lScn9iyRRMJl1wViJOxN%2Fz977azanKmVtaN2XA1uYwoblA%2BzDw%2FSM45PkHdQFsID6xbSY5%2FBZ9AY%2FmA5RLGKv8oHEctamVIKbD4V8rSnQtp5PKwDuxfzQBFMS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 663c6f577f7b4a8c-FRA
expires: Fri, 25 Jun 2021 08:44:31 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 37ms
20ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 663c6f577a4e4e55-FRA
cf-request-id: 0ad9a3eaaa00004e55cda80000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b915f4567c6e55446666f380049d6e9cc3f2163e50fbec8574055bbf52ade1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48968
x-xss-protection: 0
server: cafe
etag: 10883984230884713027
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/c6f8c30d-4170-4f53-a776-7df23b30ed96/ 260 KB
70 KB 55ms
28ms Script
application/javascript 2600:9000:21f3:ce00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/c6f8c30d-4170-4f53-a776-7df23b30ed96/plugin.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25034c9c88a69add90e541bebccdd91b3849ec5ea87dd951059a061dbc8a0895

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 14:50:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"70028b1b63ada0b086be27421a1a02a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: Ak6z9zBOE9QJjWo1APz7fVEnls34_JoU6-WwalJuNfuEfeN_e1cAKA==

GET
H2 200 b02348b7-caa4-4677-a45e-7ba919f7ead6.min.js Show response
cmp.optad360.io/items/ 497 B
832 B 42ms
16ms Script
application/javascript 2600:9000:21f3:f800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/b02348b7-caa4-4677-a45e-7ba919f7ead6.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 02:09:38 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 26676
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 497
x-amz-cf-id: JXpM6D-OjnmEHmb17e_qywnM3fNqvIn9jZmS3_-MzzndT744FM3NjQ==

GET
H3-29 200 fontawesome-webfont.woff2
www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/ 75 KB
76 KB 18ms
18ms Font
font/woff2 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.jagoanssh.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
:path: /scss/lib/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.jagoanssh.com
Referer: https://www.jagoanssh.com/scss/lib/lib/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 430150
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
cf-request-id: 0ad9a3eafd00002c2601886000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QlM8xgpC81w%2Bv%2B7bgVWsP73JpSHYqgz6zFyW%2FbSvccBPTYrLdNOOM%2B9QsTBiUeoq7hRUhTwIJWUhmGMdoyH9wlA6rzHyVra2Dh4CsTL6RUPeoiVj%2F0U5hL2c8QjA35GxmNWu1Q5p6tAm3%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 663c6f57fc1d2c26-FRA
expires: Fri, 25 Jun 2021 09:15:21 GMT

GET
H3-29 200 icomoon.ttf
www.jagoanssh.com/scss/fonts/icomoon/ 207 KB
108 KB 36ms
36ms Font
font/ttf 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/fonts/icomoon/icomoon.ttf?1z9v6x
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/scss/css/styles-merged.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49

Request headers

sec-fetch-mode: cors
origin: https://www.jagoanssh.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0
:path: /scss/fonts/icomoon/icomoon.ttf?1z9v6x
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/scss/css/styles-merged.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.jagoanssh.com
Referer: https://www.jagoanssh.com/scss/css/styles-merged.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426737
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3eafd00002c263c9c1000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4vKXdkS13Po5%2F%2F%2BnbG1eVPWml1SS%2Fcf1k7abumm1ZmI2bVMpbhjxEji3J7koiFpJRZpztiD4Fw%2Bboir6iVS6OudqGBzzWWdP3fOfxiXCMSqX5mnXsbEUlyp8Agektay%2F66O3bD8HFzKWdVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f57fc1e2c26-FRA
expires: Fri, 25 Jun 2021 10:12:14 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v12/ 36 KB
36 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v12/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jagoanssh.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:39:36 GMT
x-content-type-options: nosniff
age: 61495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36444
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:48:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 15:39:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3863
date: Wed, 23 Jun 2021 07:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 23 Jun 2021 09:40:08 GMT

GET
H3-29 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 41ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6873
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ec460000c2db7d181000000001
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 663c6f5a0c25c2db-FRA

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106180101/ 233 KB
86 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2680085766880076&plah=www.jagoanssh.com&amaexp=1&bust=exp%3D31060975

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21a147fa80c2bdf02d39ce7f2bfdd7b6302d47258b3d53d0fcca545960e3ac95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88139
x-xss-protection: 0
server: cafe
etag: 8436230985141189727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/ Frame 96B0 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210621/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 22 Jun 2021 12:48:00 GMT
expires: Tue, 06 Jul 2021 12:48:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 71791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 result Show response
www.jagoanssh.com/cdn-cgi/bm/cv/ 0
699 B 9ms
9ms XHR
text/plain 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/cdn-cgi/bm/cv/result?req_id=663c6f54cdb94ee6
Requested by: Host: www.jagoanssh.com
URL: https://www.jagoanssh.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.jagoanssh.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=663c6f54cdb94ee6
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VpVa8zUnW6%2BcCbQQLbemt5N90iNGkJvG1XWpWqPfDi%2BGs%2B%2BY9W15MngPxsQv%2BA165I2I0Qdm6GMAIeORcLgJYcPT2ikl%2F9wkar5NopSGc19VdPSevj8p%2FXRwNd2ZJC%2FGxu6ljxbWCZRBffU%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; path=/; expires=Wed, 23-Jun-21 09:14:31 GMT; domain=.jagoanssh.com; HttpOnly; Secure; SameSite=None
cf-ray: 663c6f5ab9bf2c26-FRA
cf-request-id: 0ad9a3ecb400002c26f4035000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1741500348&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jagoanssh.com%2F&dr=http%3A%2F%2Fge.vmes.xyz%2F&ul=en-us&de=UTF-8&dt=Faster%20SSH%20Tunnel%20Accounts%20and%20Faster%20VPN%20Tunnel%20Accounts%20-%20JAGOANSSH.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=606598944&gjid=697489877&cid=1750665867.1624437872&tid=UA-120286388-2&_gid=1369457397.1624437872&_r=1&_slc=1&z=185713522

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jagoanssh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 scripts.min.js Show response
www.jagoanssh.com/scss/js/ 243 KB
71 KB 41ms
41ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/js/scripts.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963

Request headers

:path: /scss/js/scripts.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426734
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ecd000002c261093b000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OBJAmJA9FNDchUw01AvtGd7gv1dsZKq9ujk3P7WXegJgq8%2FiUx5wU2vuOl11YQkIfGrglJlp4bkeI7jH5MlCrigdVDzqMo8UxHO4x%2FKizQvDlxPbr4xpTkWfP0%2BJoRZxb6i7PqTWgzL50Xs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5aea402c26-FRA
expires: Fri, 25 Jun 2021 10:12:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 14ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/c6f8c30d-4170-4f53-a776-7df23b30ed96/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

587e5dcc8f46edd11125d20dee651ebfee4c24c16fe7d969698466414e29f862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "910 / 742 of 1000 / last-modified: 1624400114"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21784
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ 492 KB
153 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:ce00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/c6f8c30d-4170-4f53-a776-7df23b30ed96/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:15:15 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 793757
etag: W/"e020700f5effdce1f4be56434553da72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fBqdBZk3RraQgcANjAxWOIbQU4xpnJrZREgRcgvzbn7hxFHcsM2Ttw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
440 B 16ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jagoanssh.com&callback=_gfp_s_&client=ca-pub-2680085766880076

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2680085766880076&plah=www.jagoanssh.com&amaexp=1&bust=exp%3D31060975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a1984a0aca9fa2565098d27218754d8f2cfc25ecaaaa22ecb198833dc1548b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-color-override-688238583%20cc-invisible&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jagoanssh.com%2F&tn=HEADER&id=header&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4B0 11 KB
1 KB 97ms
97ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&adk=1812271804&adf=3025194257&lmt=1624437871&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871734&bpp=3&bdt=484&idt=105&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6409373814358&frm=20&pv=2&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288930fd3e6c950c5d61f200fa759eb03becd66cf3135b7190d6ac3ec1975179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&adk=1812271804&adf=3025194257&lmt=1624437871&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jagoanssh.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871734&bpp=3&bdt=484&idt=105&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6409373814358&frm=20&pv=2&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:31 GMT
server: cafe
content-length: 1091
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Jun-2021 08:59:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274983153827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-2680085766880076&c=2&e=2570847921467975139&n=0&t=0&w=618&x=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC2B 80 KB
26 KB 561ms
560ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d0570b62f7251fef2b362ecf44f38649afaa4823a3655c515220cb886b83a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:32 GMT
server: cafe
content-length: 26341
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Jun-2021 08:59:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5412 68 KB
23 KB 437ms
436ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd6a3a330bedbb3a928f7a266d8d0bc3bd3d7f9b832a1583796beac05a85c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:32 GMT
server: cafe
content-length: 23823
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Jun-2021 08:59:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

GET
H3-29 200 pubads_impl_2021061703.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
113 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 23:53:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116094
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:31 GMT

GET
H3-29 200 main.min.js Show response
www.jagoanssh.com/scss/js/ 5 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/js/main.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb

Request headers

:path: /scss/js/main.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 414675
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ed3200002c26d434c000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U4H2OLcAXxumHa4KISE9Ir4ts0juu27%2FaHhm64GkKTZ0LVP%2Fub4zgCledmJScRcR8yVkjyZwazf8hK52WEe211UoM96IuyZZHvLoqZ81YxRLBibdpj1Yse520RybgnYyNjs%2B0e4jG7gdfmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5b8bb52c26-FRA
expires: Fri, 25 Jun 2021 13:33:16 GMT

GET
H3-29 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 29ms
18ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210623

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349c2143fdc09944647ebc6bb8b8a8e9c6df4a3c37008b8cf87f1747486de1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Jun 2021 08:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20563
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ed580000dfd7b8994000000001
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"69b-C9Ar6iuhIf3miE8OAJabtfNqEjk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 663c6f5bca87dfd7-FRA

GET
H3-29 200 jquery.form.min.js Show response
www.jagoanssh.com/assets/js/ 15 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/js/jquery.form.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1

Request headers

:path: /assets/js/jquery.form.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426734
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ed9000002c26ddbb2000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k%2BldpQUpFYe4sLAFhVWrxsP5%2FcA8TS4wUS970C4aT3j2iC%2FE1vYw%2B3TwLkTSMZqXmLUKi0e%2BVJsCeIEF8ZIgpUcAHMVfKFcTJjDlwAI5qWynXzPl20wmemtnV2tgnMSgFD5ugkmF4jc1Yb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5c1cde2c26-FRA
expires: Fri, 25 Jun 2021 10:12:18 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jagoanssh.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3557 58 KB
17 KB 356ms
356ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4701b58a1e467949af86d809ee91de14c3b6b239cb0bafcc08d0579bc87d1299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:32 GMT
server: cafe
content-length: 17549
x-xss-protection: 0
set-cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; expires=Mon, 18-Jul-2022 08:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D25 111 KB
35 KB 211ms
210ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e62ee7494f3efc920a6791b7790fd6e9c8512e5b6b2373343f55f7bfd59b0085

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNa0zNKurfECFc_5dwodMLcLVg&gqi=cPTSYKnvA82RgQeO4Tg&layout=/sadbundle/%24csp%253Der3%24/28910999431938054/728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNa0zNKurfECFc_5dwodMLcLVg&gqi=cPTSYKnvA82RgQeO4Tg&layout=/sadbundle/%24csp%253Der3%24/28910999431938054/728x90/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:32 GMT
server: cafe
content-length: 35836
x-xss-protection: 0
set-cookie: IDE=AHWqTUkNJOdizL98umcHsj-4N6BiAHqwpR50qAqP5R_odyxcv7cWMGHXG5Bc_l__Bwo; expires=Mon, 18-Jul-2022 08:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F21B 436 B
234 B 142ms
142ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=60&adk=2499841291&adf=3132389021&pi=t.aa~a.3809525152~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x60&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=787&idt=0&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90%2C1200x90&nras=4&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Qcnu5S4jg&p=https%3A//www.jagoanssh.com&dtd=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac128e0d2460388e65e203dd9d68a73b2aec5882fc8ae3009644c38a68405e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2680085766880076&output=html&h=60&adk=2499841291&adf=3132389021&pi=t.aa~a.3809525152~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x60&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=787&idt=0&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90%2C1200x90&nras=4&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Qcnu5S4jg&p=https%3A//www.jagoanssh.com&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Jun 2021 08:44:32 GMT
server: cafe
content-length: 210
x-xss-protection: 0
set-cookie: IDE=AHWqTUmPgHeERZtNN5YAIfvW56RVvuqHaBzhq8OLymPJHyF9EH35mjgPHIP4bONLUjE; expires=Mon, 18-Jul-2022 08:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

GET
H3-29 200 app.min.js Show response
www.jagoanssh.com/assets/js/ 3 KB
1 KB 21ms
21ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/assets/js/app.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925

Request headers

:path: /assets/js/app.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426765
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3edcf00002c2613068000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mWjN30J%2B4Q1yDDG2fYxF%2FfJzn6h5vryh6KAg8suW5VLBcApMSotsai8zdt7BdxFOQ5pEjrJ3jpIrRcJWvLpIGHN0kKizeSkrT5iD8GKW0AnadZrb0KF1kZ%2FvF9w0gQ8BRk%2BUaF7IQmF5mI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5c7db22c26-FRA
expires: Fri, 25 Jun 2021 10:11:47 GMT

GET
H3-29 200 mobile-nav.js Show response
www.jagoanssh.com/scss/lib/lib/mobile-nav/ 1 KB
1 KB 32ms
32ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/mobile-nav/mobile-nav.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa

Request headers

:path: /scss/lib/lib/mobile-nav/mobile-nav.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426727
cf-polished: origSize=1413
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3edef00002c26263ef000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ulM1ewPtmwtx09mNMLs211f0HsvdfBJzPk8EIR6XtNuZABe6YZobm1p4WO7Il4pazgVtZXQluJ%2FzCgzVHWFVDHfYxFPn6TvmGsGfKTRM3Z4tQ%2BlxxA%2BsdygrTO1tbL8jaPVY6lnsloPgY78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5cae892c26-FRA
expires: Fri, 25 Jun 2021 10:12:25 GMT

GET
H3-29 200 wow.min.js Show response
www.jagoanssh.com/scss/lib/lib/wow/ 8 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/wow/wow.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486

Request headers

:path: /scss/lib/lib/wow/wow.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426726
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ee0800002c2637948000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U2JJuzwziox27XVs1waw2Oe%2FGJvtcB1bnsocsf0OYf3PGYfmKCzFjkIXySKZdaA1oQL6LEACC%2BtEybZmTMqSuE6AgJRC4u98SXmm%2FuzZ1hcvOG1AxfgTSb%2FnaVctjeAznuW2SknOAbYpBBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5cdf0f2c26-FRA
expires: Fri, 25 Jun 2021 10:12:26 GMT

GET
H3-29 200 waypoints.min.js Show response
www.jagoanssh.com/scss/lib/lib/waypoints/ 9 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/lib/waypoints/waypoints.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

:path: /scss/lib/lib/waypoints/waypoints.min.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426725
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ee4c00002c2628a20000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B%2FjeUGjf1kv6BytNZ7zobBdzaSv3w%2FBVEiiAM3nnvA3wuhy6lG0MCnmyQsId6A2k8IA1%2Bm7WqX%2FDjtT9ADTYHsBVp8HJ1F99EgdS9BnKAN1OiUS4VsCZmszVfQpmfnNvbF6ebKtEO8NV0PU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5d4ff22c26-FRA
expires: Fri, 25 Jun 2021 10:12:27 GMT

GET
H3-29 200 main.js Show response
www.jagoanssh.com/scss/lib/js/ 2 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jagoanssh.com/scss/lib/js/main.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36

Request headers

:path: /scss/lib/js/main.js
pragma: no-cache
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 463692
cf-polished: origSize=3840
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ee5d00002c26050c3000000001
last-modified: Mon, 29 Jun 2020 09:33:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pmGij9l6ITxM8DxHdyWh2ZH4g8343dby2lE4BRbNBUm%2BX1lD6EmD2CnB3atsS%2BTYdBd3c2K9CLXVrMCl7pCe0zSHcbtcj6xScTFQZj2CGcPhRKnIIXVSiaSclcgG0k1fcsZDLpEgITIuOVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 663c6f5d682f2c26-FRA
expires: Thu, 24 Jun 2021 23:56:20 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
25ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210621&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d14761e38b8a7e6682c1c9d146ee7d56e7d481dda9a4307b9271b293d5f0396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7954
x-xss-protection: 0

GET
H3-29 200 clickonme.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/view@master/ 828 B
859 B 19ms
18ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/view@master/clickonme.js

Requested by

Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37870
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad9a3ee830000c2db5387d000000001
x-served-by: cache-fra19120-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"33c-cw8noOA9IoPj6UknUpUlDkDwOlI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 663c6f5d99cdc2db-FRA

POST
H3-29 200 rum Show response
www.jagoanssh.com/cdn-cgi/ 0
168 B 12ms
11ms XHR
text/plain 2606:4700:3035::ac43:b6be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jagoanssh.com/cdn-cgi/rum?req_id=663c6f54cdb94ee6

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b6be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.jagoanssh.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=vrlk16ftta1vjtu0rlfhm4paq0; __oagr=true; __cf_bm=2289b7312661ccb91e12eed059c08ed5ec1676e7-1624437871-1800-Adg4V1CgZmeW3NpZa6tmQE0tP5VvU5NeBY4KKifEI9BjG20VWBfGRJHXKGgiI3TXvHpNZazFsDY8KnF9qDbC1I1fOlBouH1mpftTCtPN9BgtHZfo9pkL3Z2+sCIJwhmVItLyOM6njQrt9Id+xZXKyJQ=; _ga=GA1.2.1750665867.1624437872; _gid=GA1.2.1369457397.1624437872; _gat=1; __gads=ID=0c3d6d73b8e59c61-2291539928c9007f:T=1624437871:RT=1624437871:S=ALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg
content-length: 1286
:path: /cdn-cgi/rum?req_id=663c6f54cdb94ee6
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.jagoanssh.com
referer: https://www.jagoanssh.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.jagoanssh.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 663c6f5db8c62c26-FRA
vary: Origin

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 94 KB
23 KB 39ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Requested by

Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5ffec5d3912cb3f2a258826da77173133bf9568de068e55d060c979319cb7cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 22 Jun 2021 22:56:17 GMT
expires: Wed, 22 Jun 2022 22:56:17 GMT
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 22182
age: 35295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC66 0
0 22ms
20ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSzp3cPTSYNa8BM_z3wOw7q6wBd21k7ZjuayOrosOy_GmmP0lEAEg78biamCVAqAB6JnQ0gPIAQmoAwHIA0iqBLIBT9A47Zu-u2Ay7MkU52nAcTFRm1dMO0Y_Z4ZFUXXFtoybzC9VH8KLSDaPyln9fW9TeXhXrCa55XdesxmDJ6TRhL5fLjTu4caO2tltztRjZt7jHtz7G-9OnNL1tZu9al0fO2eIiStP7Q1tMGMAagesbuKp2s-9jt_pkPvT0Z4gleKdUhNnAfhY0VYtbrw2W3rXnVtD79n58RtBDJ9lexxHbF61GSvG2MMhBntDFddbaA5jP8AE9cDts8kDkgUECAQYAZIFBAgFGASgBi6AB4Dmry2oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQn8kG0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshcaChgIABIUcHViLTI2ODAwODU3NjY4ODAwNzY&sigh=KkNlewqmtI8&template_id=419

Requested by

Host: ge.vmes.xyz
URL: http://ge.vmes.xyz/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Jun 2021 08:44:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame EC66 17 KB
7 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:33:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame EC66 3 KB
1 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:30:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC66 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame EC66 13 KB
6 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:31:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A81 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkNJOdizL98umcHsj-4N6BiAHqwpR50qAqP5R_odyxcv7cWMGHXG5Bc_l__Bwo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3809638822~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1200x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1110x90&nras=3&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dBkMAX1aoc&p=https%3A//www.jagoanssh.com&dtd=17

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 23 Jun 2021 07:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EC66 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNa0zNKurfECFc_5dwodMLcLVg&gqi=cPTSYKnvA82RgQeO4Tg&layout=/sadbundle/%24csp%253Der3%24/28910999431938054/728x90/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EC66 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 632774e3b00e3a56d665c2acb0a59532011636785bbdb724667aa61e9e6e8c5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5412 3 KB
578 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 08:32:30 GMT
server: ESF
date: Wed, 23 Jun 2021 08:44:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame E433 12 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 23 Jun 2021 06:51:23 GMT
expires: Thu, 23 Jun 2022 06:51:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 74A8 783 B
781 B 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93eeabe9d9b793bce0739d6e800f73f5afdfa26ec0085683a3dfb99da3465ea5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-epBqLa/U8HbGWHDzPRZwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jagoanssh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jagoanssh.com/

Response headers

expires: Wed, 23 Jun 2021 08:44:32 GMT
date: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-epBqLa/U8HbGWHDzPRZwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 5412 1 KB
909 B 31ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:14:24 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 5412 17 KB
7 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:33:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 5412 3 KB
1 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:18:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5412 122 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 5412 13 KB
6 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:40:07 GMT

GET
H2 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame 5412 25 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 06:31:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Sep 2021 06:27:30 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BD68 9 KB
3 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Jun 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BD68 26 KB
10 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Jun 2021 20:19:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame BD68 5 KB
615 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 08:33:09 GMT
server: ESF
date: Wed, 23 Jun 2021 08:44:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3557 3 KB
578 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 08:33:10 GMT
server: ESF
date: Wed, 23 Jun 2021 08:44:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5412 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2p-bb_TSYI3JN9rs3wOeo47YBLrKjKBjz--OiuoN2dkeEAEg78biamCVAqABttf50QPIAQGpArBfcaCXAbQ-qAMByAPLBKoEsgFP0CfzDk07V1wMDmly2up9PRIYYYjdxDdttGVIf82NVshM4s5GGX5s7fejL3tb4W7mXouS7pi4SYThL7QmWSvx0ExZS0EZMutd0LKUpDwVxegCjVNdUTq1lWedCL1URyFcfs6EWxRh-mx37VIyrbTReC4tl1HDB4f_C0qXD4VIe4ncd2DmllwuN13z7VARzQL_RuNdlruQMPovmFnZmHQIaChmtftoQYFyLfBB_6kHT2lGwASGk7aJwgOSBQQIBBgBkgUECAUYBIAH9unlL6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDqvQnSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMjY4MDA4NTc2Njg4MDA3Ng&sigh=WjSgf10Y93Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Jun 2021 08:44:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 3557 1 KB
909 B 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:14:24 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 3557 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:33:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 3557 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:18:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3557 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 3557 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:40:07 GMT

GET
H3-29 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame 3557 25 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 06:31:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Sep 2021 06:27:30 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55FB 143 B
163 B 11ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=869763061&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871739&bpp=1&bdt=489&idt=148&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=NJoeW11Afj&p=https%3A//www.jagoanssh.com&dtd=150

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 23 Jun 2021 07:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14620194139597292677/ Frame 3557 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14620194139597292677/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

778a9910f42fab5ffc4b7034f4e698637c41f24fa17935079b64ac15ebf26a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 03:56:56 GMT
x-content-type-options: nosniff
age: 362856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1465
x-xss-protection: 0
last-modified: Fri, 22 Jan 2021 12:55:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 03:56:56 GMT

GET
H3-29 200 bg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 6 KB
6 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/bg.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05573a1354f0d049371e2b634e894df7776d189d4f600bf2a1e4bab33fe282d8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 35295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5736
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Tue, 22 Jun 2021 22:56:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:56:17 GMT

GET
H3-29 200 cloud.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 4 KB
4 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/cloud.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32d10b475efc15f7ef285a83b8e5c4777f2d5c039b6af1616a912928457a0bc6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 10002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3950
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 05:57:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 05:57:50 GMT

GET
H3-29 200 rotation.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 12ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/rotation.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8d4b0896f8811edf08c7454ca3399f8a519e506d649bdc5085763583ceb74e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 46607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2518
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Tue, 22 Jun 2021 19:47:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 19:47:45 GMT

GET
H3-29 200 arrow1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/arrow1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fbcf7410bea6ab26fe8902a6e4f639a1bc7610b63276bade2fe8d85f29518b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 60779
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1709
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Tue, 22 Jun 2021 15:51:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 15:51:33 GMT

GET
H3-29 200 arrow2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 17ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/arrow2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4065da99fdc0550d0a892fee1a6991c6a41bcb8b14d40eee6e9f28525acb53

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 10002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1713
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 05:57:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 05:57:50 GMT

GET
H3-29 200 mobile.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 5 KB
5 KB 16ms
13ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/mobile.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e02f0183568cecb10f48e0f5ca62909f86641cd2255f7c7be0dbe75191f889fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 4986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4757
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 07:21:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:21:26 GMT

GET
H3-29 200 app_yellow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
3 KB 15ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/app_yellow.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c119a6f18c332a14a7a682f8a0ecbd172b7a2c707984eb2d0034b400d2ee4d46

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 7018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 06:47:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:47:34 GMT

GET
H3-29 200 app_green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/app_green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93d6959e75a3c2eaf848b68702ffbe81988a72ddfc8c9e301f73303604a719b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 30214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2368
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 00:20:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 00:20:58 GMT

GET
H3-29 200 flag.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/flag.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b7a98e8a8cc62f55c4b082ce73d8ac9eb6adf4c656e7fff12533ab06aa4eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 27567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2084
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Wed, 23 Jun 2021 01:05:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 01:05:05 GMT

GET
H3-29 200 bell.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/bell.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7560d7f00c82f633eee64aefe1dba0e9e1125af750c59897b00801a71f53b096

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 326867
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1687
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Sat, 19 Jun 2021 13:56:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 13:56:45 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/ Frame BD68 7 KB
7 KB 11ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/28910999431938054/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b857bab9d666dd36b87204eee28885a0fe6cfdb582d1c2770c5d77dbc3adaa95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 35295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 14:36:08 GMT
server: sffe
date: Tue, 22 Jun 2021 22:56:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:56:17 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame BD68 21 KB
21 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 342126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:42:26 GMT

GET
DATA 200
OK truncated
/ Frame 5412 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 435f10f6e54e29b7dba2a456612acc83bebfc3f7b35b531ca64e8ad18d0602ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3557 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHsoicPTSYPyiBMbm3wOwq5aYC5z7t7Njk9yqurEM2dkeEAEg78biamCVAqAB6fSLvwPIAQGpAjVGDuAQALQ-qAMBqgSwAU_Ql-MGuvVAscq6CuF39N3j6DIcbLbRKCtffpohzUg6pw8JCPmhyBKd03GQYFNijrSLtrVFGBl7_EWiXQXjb2xqGd-YzuetTwU31Yz1V45_5DyWOOZBUxhho5G_EQaJN3lRoYJ3qJKOq88oh5-XkCKjGai4Ov_8Par0JWBDUb0ehZC5ms6-iXiPiqJ0sJfthu3Wp8HuexL_XuQEUsU1BgSrUHiHPYVv3r9_LCRm_iCVwATMs_DylgOSBQQIBBgBkgUECAUYBIAHxaWDQqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDeownSCAkIgOGAEBABGB-ACgHICwHYEwqIFAPQFQGAFwGyFxoKGAgAEhRwdWItMjY4MDA4NTc2Njg4MDA3Ng&sigh=kFFm2bFflUA&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Jun 2021 08:44:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5412 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 13:40:44 GMT
x-content-type-options: nosniff
age: 68628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 13:40:44 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5412 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 342126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:42:26 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A81
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
16ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 23-Jun-2021 09:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 12346520594534997222
tpc.googlesyndication.com/daca_images/simgad/ Frame AC2B 86 KB
86 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12346520594534997222

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f380c6e05dc00fa4b908609c49356214617b87fa172b6e32f7709385aa697c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:53:50 GMT
x-content-type-options: nosniff
age: 3042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88064
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 13:24:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:53:50 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame AC2B 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:33:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame AC2B 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:18:27 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame AC2B 67 B
98 B 9ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 13:10:17 GMT
x-content-type-options: nosniff
server: cafe
age: 70455
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 23 Jun 2021 13:10:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC2B 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Wed, 23 Jun 2021 08:44:32 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC2B 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRGpUb_TSYNX7NrWCjuwP7cyyuAWq1PHjYv6ZjY-lDZSkoNyrCRABIO_G4mpglQKgAZyv-6gCyAECqAMByAPJBKoEsgFP0PVnVtgFbDQgZIodYMRGlXbMfmao0PNSTbbqNzATIGpPsKCSkrNunh1kGOpsRh3ZE0oIy2Uv8Q5EcDE7EkDVWQgdT18GWMs4W9NB7veNAbfKxVC78rDAcrtG072S6_O3pqEvm1SFbowbtEP57E2GK0kq1uY1Nz3Aw6RsM3eIfzQZHZhpGxbbF6nZZxNUMLSyHNLhnk6ayVHhZ-WRg-TDFehDHDZYCwWsfLSqzWzMrlnXwASR-ZPlugOSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnPkH0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTI2ODAwODU3NjY4ODAwNzY&sigh=Yl_wD6rbqHk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Jun 2021 08:44:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame AC2B 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:40:07 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame AC2B 25 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8e270479f5cd496c11d7e925fdb5474b8481dca58d2c79b1914821b2d3c1940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 02:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10681
x-xss-protection: 0
server: cafe
etag: 467697596414487005
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 02:28:46 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89E1 143 B
163 B 9ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=90&adk=3888832937&adf=39394180&pi=t.aa~a.1842426387~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1624437872&rafmt=1&to=qs&pwprc=3290729683&psa=0&format=1110x90&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437872036&bpp=1&bdt=786&idt=-M&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c3d6d73b8e59c61-2291539928c9007f%3AT%3D1624437871%3ART%3D1624437871%3AS%3DALNI_MZy-rNno49rpybt1YrkD-jxBMPPgg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=cLpCUBh9Ro&p=https%3A//www.jagoanssh.com&dtd=14

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 23 Jun 2021 07:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BAE6 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 22 Jun 2021 11:20:29 GMT
expires: Wed, 23 Jun 2021 11:20:29 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 77043
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3557 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6539a72f4ebccb52f00004efe7c60cf69e3ed5517c124d10e353061822d1be5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F855 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 23 Jun 2021 07:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AC2B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d672b4fefd3b78014053c707cf8ce6a1d555356b6e2066ad1fe554bdb7a04cf8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame BD68 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 07:36:29 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3557 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 13:40:44 GMT
x-content-type-options: nosniff
age: 68628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 13:40:44 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3557 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 342126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:42:26 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame E433 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 07:36:29 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 55FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 23-Jun-2021 09:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 98C1 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 07:36:29 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BAE6 35 B
463 B 13ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC840XOkzAEHlMs9hy-v_yw&google_cver=1&google_push=AYg5qPJ15AECxEI7d5ZTt5jZtEgB6gXDyCMrK4Q1MIAdy0iw44N_SQ9Idmh0Ta6MnUkr8MNeM1JlN0-VmIWwtn1ThnQCD4q0cA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbT...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5MMGNBQUFBY1c0cWgyZQ&google_push=AYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbTsgc1J0aOu-z-vm6WzCRh6Qmh0xYUMIputUPvWxpNIjW4Hx23ylfTvJr4

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5MMGNBQUFBY1c0cWgyZQ&google_push=AYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbTsgc1J0aOu-z-vm6WzCRh6Qmh0xYUMIputUPvWxpNIjW4Hx23ylfTvJr4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5MMGNBQUFBY1c0cWgyZQ&google_push=AYg5qPKbLWJq0sfS0LL0TJqvyC9ggLNA9M62E3PMYbTsgc1J0aOu-z-vm6WzCRh6Qmh0xYUMIputUPvWxpNIjW4Hx23ylfTvJr4
Date: Wed, 23 Jun 2021 08:44:32 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwZIt...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwZIt...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjMwODQ0MzMyMzA4NDc5MTE3MzI1OQ%3D%3D&google_push=AYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSR...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjMwODQ0MzMyMzA4NDc5MTE3MzI1OQ%3D%3D&google_push=AYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSRugcN-ksLzMsXYDm9DWXAiTIdoR_2g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjMwODQ0MzMyMzA4NDc5MTE3MzI1OQ%3D%3D&google_push=AYg5qPKDwZItPq3vxB9gJDl2BHFOdaoHkxKTJvQDqygM34rNWOpA4JtJ-CTsAufVwfcxSRugcN-ksLzMsXYDm9DWXAiTIdoR_2g
Pragma: no-cache
Date: Wed, 23 Jun 2021 08:44:33 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESED2OI2u9QpvAQdr8DJ2S6So&google_cver=1&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494
https://rtb.openx.net/sync/dds?google_gid=CAESED2OI2u9QpvAQdr8DJ2S6So&google_cver=1&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&google_hm=ssVVeV-QwQYpeGwAo_DS3g==

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&google_hm=ssVVeV-QwQYpeGwAo_DS3g==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1Vi3SNiAZfPorsV5BFHxxNBYu1eLYXhwVmlv7mIFwS12eKLOqwY5XRHw4b8InQerBSUydkQjjl_vpe_yLcZs6Mt6o494&google_hm=ssVVeV-QwQYpeGwAo_DS3g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vph0q20ejd3b099a2l9erk1ouks6tikk

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jMnXwAFYQIyXlhKuh2Bgbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jMnXwAFYQIyXlhKuh2Bgbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJggfoJK3IKtt4O8Mxxus2sWmey0JLs4QSnlT8RBnwOupnPZx7fHY-lOIbs_BOkc186LgEgtcYiEOW0Tq7g2zCat9ivFE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jMnXwAFYQIyXlhKuh2Bgbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJggfoJK3IKtt4O8Mxxus2sWmey0JLs4QSnlT8RBnwOupnPZx7fHY-lOIbs_BOkc186LgEgtcYiEOW0Tq7g2zCat9ivFE
date: Wed, 23 Jun 2021 08:44:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBQFphPaxC3_DNF-RQluMUs&google_cver=1&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E5OEQ4S08tMVYtOFQy&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY6tOuSTX2gxPeDgyt4ejCoKQ

170 B
188 B

37ms
21ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E5OEQ4S08tMVYtOFQy&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY6tOuSTX2gxPeDgyt4ejCoKQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E5OEQ4S08tMVYtOFQy&google_push=AYg5qPKhShE1kjaiTawFahT_Op5gcsYaHoLLl_3FPnpM67eb4lBavUvC4KB0Ra35lXWYEFe1CRY6tOuSTX2gxPeDgyt4ejCoKQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame BAE6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eA...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BAE6 0
253 B 42ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jg4GiY6v5fVzVVfCtgIcym31rKGPlUXqbHoemo56LVZPzCPgwwlv_M8t_0tp3SUtcvvNEX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:44:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 23-Jun-2021 09:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F855
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

19ms
19ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8tys2uVGGXRqexCG5-rLpSg1faDg4nAuE4Ijv7yzeuCxOo8lQL85yjStqVcE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 23-Jun-2021 09:44:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Jun 2021 08:44:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Jun 2021 08:44:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame F8E7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2680085766880076&output=html&h=280&slotname=1838419727&adk=2281199659&adf=2653041513&pi=t.ma~as.1838419727&w=1200&fwrn=4&fwrnh=100&lmt=1624437871&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.jagoanssh.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624437871737&bpp=2&bdt=487&idt=139&shv=r20210621&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6409373814358&frm=20&pv=1&ga_vid=1750665867.1624437872&ga_sid=1624437872&ga_hid=1741500348&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060975%2C31061421&oid=3&pvsid=3032901370423814&ref=http%3A%2F%2Fge.vmes.xyz%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YfpRhYObjF&p=https%3A//www.jagoanssh.com&dtd=145

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 07:36:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210621&jk=3032901370423814&bg=!ERKlElbNAAZktE7iZLQ7ACkAdvg8WqXL0j5z8CqG6sJYGlSs68WEkG1tKwz2Mq5Q6bTufBDugASvlQIAAAEDUgAAAA9oAQeZAmllEcJ0472FJnR5_mlV3lz6pdeMD2QTdah8uMAjhdKQtrUMaG3XJFXfS1JwAHom4qLP2KijYw2tfJ_Drw4itbAVd7AQOIgrAqpO8Xx-Rtu8FlrUj9-h8ThFR454Vz-YqTd7_dEjAHUu-bT2uBWnZ3fNo8QLkFTh7VmBzogOt59HseGYQaA15JNi5_dv5ogB-VkRmBaHuo8-vsbBHE0_RClHthisOschFXJekXCl0S4hfG1mHMdf6rxCVK1k8FqVmm4Euk43Ntism4JiTOcZ-4YSL8Wj1fvhNfDmn9bkyy1TcAVpZwwJBBnOblufpV5YbN3McynSxGjtdBxAuzC3tH9RydZe0xfdOqHG8MJiShQC82R1WRoxiEhtX5xBi2di8VR3xfwN3r2eW3kjYb3jQb8F1iIXBSTZdyOE8V6f39SEr1RAMtSjCxv0r10ywnITtaQR3RUyaiO4V1-7g7l49KBeSbSJzqq69v2VwIUD-KBwBZJhYakCxjMP_mFsAXMoxmlkMHWJyJftm63BRWZz8yfEo0ezWJxxsmj3w58KB8BHqZFlIfKMybEYghqMXgGvIjNwuH7y-uj1kGJ53-AZvSxJU_k9lcO2LO5j9MeOf7A9PSxRAqZmt_Q0goWYE9LbGR4HARKtCWsASxIyHNCXx0nbo9RE9pHFYKLObFS1ggM5UYrmhZ7ZEkVWX5k_qGFHLvZqWCfivcV21vr00CNy_Ks4KCAwDLlOr1jaZn6UgrA9ODoEjKmtCzWoec734g6swpcPpsBp3b486UAnHbK9FQFMWHwTmOnBOrujitB1ormU6vjNmDDLX-gLbA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jagoanssh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Jun 2021 08:44:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNL0cAaAKPlt2-2DqM7bxAAABKwAAAAB&google_cver=1&google_gid=CAESEEiTVsu6ZYKOS6yapk_YGNo&google_push=AYg5qPLW1t95QFLzfaG_gWXWKebvWG-Hqo-eAFFYMVFo_nqf0tsRx4SjwkJvw1JM9OwXABf2QS-Imk4SiGlMVF1drT2gXP-17Rg

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.jagoanssh.com/	1970-01-19 19:24:02	Name: __oagr Value: true
			www.jagoanssh.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vrlk16ftta1vjtu0rlfhm4paq0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.jagoanssh.com/scss/js/main.min.js(Line 1) Message: resizing

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
ge.vmes.xyz
get.optad360.io
googleads.g.doubleclick.net
image6.pubmatic.com
jagoanssh.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.jagoanssh.com
cm.g.doubleclick.net
142.250.184.226
142.250.185.162
185.64.189.115
23.21.55.36
2600:9000:21f3:ce00:11:a4de:2580:93a1
2600:9000:21f3:f800:6:b871:4f00:93a1
2606:4700:3030::6815:12a4
2606:4700:3035::ac43:b6be
2606:4700::6810:5914
2606:4700::6810:5e41
2606:4700::6810:a823
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:809::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
35.186.253.211
54.38.158.148
69.173.144.165
99.80.199.35
05573a1354f0d049371e2b634e894df7776d189d4f600bf2a1e4bab33fe282d8
098bba5625937d07d651f3e13ba23aa1696bb92252b69e3f5a16a5b69800b0fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c162b496040ef607eba3ac23a08c4567aa8bafa1fb806d8d54fb5df834657ad
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d7391a8f93ff6e63fe238c1dfd7bb919404698e85e7de72534821cd91b0ff49
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
21a147fa80c2bdf02d39ce7f2bfdd7b6302d47258b3d53d0fcca545960e3ac95
222c42671cdedbe826aaf231f6b1119d9d49adff13100d82c2cc297d086ca12f
25034c9c88a69add90e541bebccdd91b3849ec5ea87dd951059a061dbc8a0895
288930fd3e6c950c5d61f200fa759eb03becd66cf3135b7190d6ac3ec1975179
28b06e0d559619508a6177a8e15e9b280c75fe70f53f0205a23ffcd5c05529a6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c80429c52cd9db6bc35484ca9251b5717b93e77249d12d14b3d9d1d691756ed
2cd6a3a330bedbb3a928f7a266d8d0bc3bd3d7f9b832a1583796beac05a85c80
32d10b475efc15f7ef285a83b8e5c4777f2d5c039b6af1616a912928457a0bc6
3349c2143fdc09944647ebc6bb8b8a8e9c6df4a3c37008b8cf87f1747486de1b
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
435f10f6e54e29b7dba2a456612acc83bebfc3f7b35b531ca64e8ad18d0602ae
4701b58a1e467949af86d809ee91de14c3b6b239cb0bafcc08d0579bc87d1299
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e
4fefc8f3269d15253364ace26d45d4946773d435a6f0bab3e5890b91c3cd7f58
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
587e5dcc8f46edd11125d20dee651ebfee4c24c16fe7d969698466414e29f862
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
632774e3b00e3a56d665c2acb0a59532011636785bbdb724667aa61e9e6e8c5c
6539a72f4ebccb52f00004efe7c60cf69e3ed5517c124d10e353061822d1be5b
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
6d76008b112ea700919e9ec1ef978f6c4a8d7e94ccf4594920486625d6f36486
6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1
6fbcf7410bea6ab26fe8902a6e4f639a1bc7610b63276bade2fe8d85f29518b1
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7560d7f00c82f633eee64aefe1dba0e9e1125af750c59897b00801a71f53b096
778a9910f42fab5ffc4b7034f4e698637c41f24fa17935079b64ac15ebf26a73
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d0570b62f7251fef2b362ecf44f38649afaa4823a3655c515220cb886b83a74
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
93d6959e75a3c2eaf848b68702ffbe81988a72ddfc8c9e301f73303604a719b1
93eeabe9d9b793bce0739d6e800f73f5afdfa26ec0085683a3dfb99da3465ea5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
9ba1a1bebdc7c7ab0c13d45a532c6dcd576227ad003d5d5fde4c6e6103d7caaf
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1984a0aca9fa2565098d27218754d8f2cfc25ecaaaa22ecb198833dc1548b60
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b915f4567c6e55446666f380049d6e9cc3f2163e50fbec8574055bbf52ade1
a8e270479f5cd496c11d7e925fdb5474b8481dca58d2c79b1914821b2d3c1940
ac128e0d2460388e65e203dd9d68a73b2aec5882fc8ae3009644c38a68405e5f
afb5c7e879c7eff34e6754095ac2607b1c7ede57ff77bee0f2a8e2eb26153b36
b5ffec5d3912cb3f2a258826da77173133bf9568de068e55d060c979319cb7cb
b857bab9d666dd36b87204eee28885a0fe6cfdb582d1c2770c5d77dbc3adaa95
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c06a882621fd2557172ac1c9e65e2487e6c4b0ed9c9658472911b347451b82fb
c119a6f18c332a14a7a682f8a0ecbd172b7a2c707984eb2d0034b400d2ee4d46
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d14761e38b8a7e6682c1c9d146ee7d56e7d481dda9a4307b9271b293d5f0396b
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d1dc026afdd8a9e5885ad5f6c3ad2d233358f4490d02b26567dbaa6d609f5963
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d672b4fefd3b78014053c707cf8ce6a1d555356b6e2066ad1fe554bdb7a04cf8
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
de8d4b0896f8811edf08c7454ca3399f8a519e506d649bdc5085763583ceb74e
e02f0183568cecb10f48e0f5ca62909f86641cd2255f7c7be0dbe75191f889fd
e26b7a98e8a8cc62f55c4b082ce73d8ac9eb6adf4c656e7fff12533ab06aa4eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e62ee7494f3efc920a6791b7790fd6e9c8512e5b6b2373343f55f7bfd59b0085
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7cf828a42f0727b31e76594e2ccbc4ff96963dbf366c5f11fcbade5218ba87c
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f380c6e05dc00fa4b908609c49356214617b87fa172b6e32f7709385aa697c2f
f46c13313e4835d59e0e9bf14076cefe63b6614b96c468fc6c0cfc190b81474a
f560b5f8e34f59c0aff734c9a8baccf493750c85e4b7d3edb6cd1d88518a16ec
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
fe2026897e9821c921336dd6142e512eecd6a61efb6087bc23e37534299f0925
fe4065da99fdc0550d0a892fee1a6991c6a41bcb8b14d40eee6e9f28525acb53

www.jagoanssh.com Open in urlscan Pro 2606:4700:3035::ac43:b6be Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

96 %HTTPS

71 %IPv6

21 Domains

28 Subdomains

24 IPs

4 Countries

1834 kBTransfer

4539 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jagoanssh.com Open in urlscan Pro
2606:4700:3035::ac43:b6be Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

1834 kB
Transfer

4539 kB
Size

2
Cookies

136 HTTP transactions
2 data transactions